What ports, communication and encryption methods does Security Manager use? (NETIQKB1092)

  • 7701092
  • 02-Feb-2007
  • 25-May-2007

Resolution

goal

What ports, communication and encryption methods does Security Manager use?



fact
Security Manager 4.20

fact
Security Manager 4.50

fix

Communication between the Agent and the Consolidator is encrypted using cylink mek encryption algorithm. For more information about encryption algorithm and agent authentication process,  refer to the following knowledge base article:

https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB33349

By default, agents use secure TCP/IP port 1270 to communicate with the Consolidator unless agents are configured for or fail over to unencrypted communications. Unencrypted communication occurs over port 51515. Both of these ports are configurable.

The Consolidator and Agent Manager (CAM) communicates directly to the SQL server machine only when initially trying to discover a Data Access Server (DAS). In this instance, communication occurs between the component and a .dll file where the name of the Data Access Server (DAS) is stored. No central components ever touch the database directly. If DCOM tunneling is enabled, communication occurs over port 80, otherwise communication occurs using SQL ports 1024 and above.

When the Data Access Server (DAS) communicates to the database server, it uses SQL RPC ports.

The MMC Consoles (Monitor and Development) communicates to the Data Access Server (DAS) using random RPC ports.

The Web Console and Web Reporting communicate using normal HTTP traffic. 

The Reporting Query Tool uses an ODBC connection to the database.



note

Please refer to the following knowledge base articles related to Agent Authentication process:

Overview of Agent Authentication mechanism in Security Manager.

https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB33349

How the Agent and Consolidator exchange keys using an initialize, rekey, and reinitialize process?

https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB33523

How can I validate and examine the information for authenticated agents?

https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB33528  

How can I troubleshoot and resolve errors with Agent Authentication failures?

https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB33348

 



Additional Information

Formerly known as NETIQKB1092

Feedback service temporarily unavailable. For content questions or problems, please contact Support.