Software firewall configuration in the virtual appliance
Before you start the installation of IBM® Security Identity Governance and Intelligence virtual appliance, check the considerations for the port numbers, apart from host names, user accounts, and fix packs.
Having a software firewall on the virtual appliance helps to control only the necessary ports for IBM Security Identity Governance and Intelligence to work.
IBM Security Identity Governance and Intelligence hides all the unwanted ports and provides only those ports that are required by the virtual appliance.
Use
the default ports for a standard installation on a clean computer.
For advanced or custom deployments, you might have to use different
port numbers. If you intend to use the default ports, ensure that
the port is not yet assigned and are available before you use the
product installation program.
- Check the availability of the ports that are required by the IBM Security Identity Governance and Intelligence virtual appliance.
- Open a port checking utility on the computer. Alternatively, check the firewall rules for the system.
- If the port is already assigned, choose another value when prompted by the installation program.
Table 1 describes a list of available ports that you
can use to work with IBM Security Identity Governance and Intelligence virtual appliance:
| Port numbers | Used by |
|---|---|
| 22 | Secure Shell (SSH). |
| 161 | SNMP server, if configured. |
| 1098 | Security Directory Integrator web server port. |
| 1099 | RMI Dispatcher service. |
| 2821 | Application server bootstrap. |
| 8892 | Application server SOAP port. |
| 9112 | Application server ORB Listener. |
| 9343 | Secure application server. |
| 9443 | Secure appliance management interface. |
| 9437 | CSIV2 SSL mutual authentication listener address. |
| 9438 | CSIV2 SSL server authentication listener address. |
| 9439 | SAS SSL server authentication listener address. |