Firewall recommendations for IBM SKLM

Read this topic to learn about port access for IBM® Security Key Lifecycle Manager (SKLM).

The following table lists the ports for communicating with SKLM. The SKLM ports apply for both IBM Storage Scale file encryption and Transparent Cloud Tiering (TCT).
Note: IBM Storage Scale supports IBM Security Guardium Key Lifecycle Manager (GKLM) 4.1.0.1 (IF01), 4.1.1, or later. The older versions of GKLM are referred to as IBM Security Lifecycle Manager or SKLM in the documentation. The configuration information is the same for both GKLM and SKLM.
Table 1. Firewall recommendations for GKLM
Port number Protocol Service Components
  • 9083
 TCP WebSphere® Application Server mmsklmconfig command for retrieving server certificate chain
  • SKLM 2.6: 9080
  • SKLM 2.7: 443
  • SKLM 3.0: 443
  • SKLM 3.0.1: 443
  • SKLM 4.0: 9443
  • GKLM 4.1.0.1: 9443
  • GKLM 4.1.1: 9443
 TCP SKLM and GKLM REST admin interface mmsklmconfig utility for configuring IBM Storage Scale
  • 5696
 TCP SKLM and GKLM Key Management Interoperability Protocol (KMIP) interface IBM Storage Scale daemon for retrieving encryption keys, mmsklmconfig utility for configuring IBM Storage Scale