| Access Requirements to/from the Internet | |
| tcp/22 in (ssh admin) | from our jumphosts or VPN |
| tcp/80 Out | (HTTP) download installation and update packages as well as OS upgrades/patches -> repo.irisns.com, code.irisns.com & the update.freebsd.org mirror |
| tcp/443 Out | (HTTPS) download installation and update packages -> repo.irisns.com, code.irisns.com & the update.freebsd.org mirror |
| tcp/25 out | (mail) from the box out so can receive email notifications |
| udp/123 out | from the box out for time sync |
| udp/53 out | (DNS) |
| tcp/22 out | for Iris CONFIG BACKUP to backup01.irisns.com |
| udp/514 out | Iris Alerts for external monitoring |
| tcp + udp/655 in+out | For remote monitoring |
| Access Requirements on the LAN/WAN | |
| tcp/80 or 443 | Access web portal on the LAN |
| udp/162 in | (SNMP traps) - this will give us Steering-pool traps |
| tcp/21 and 20 in | (FTP for HDR, CDR ) - for ACME to talk to Iris server |
| udp/161 out | (servers and network devices to be monitored) |
| ICMP | (servers and network devices to be monitored) |
| tcp/3377 in | (distributed polling) |
| udp/9996 in | (Netflow) |
| udp/514 in | (syslogs including Fortigates) |
| udp/5354 in | (active monitoring) |
Jumphost Hosts: 196.33.13.87 and 129.232.146.106