The rules that are mandatory must be open on the firewall. Refer to Architecture diagram for explanation.
| Source | Destination | Description | External flow |
|---|---|---|---|
| End user | Nginx (HTTPS on 8443) | HPA Portal, Keycloak administration, Webview | YES |
| Calypso Agent - server hosting calypso (engines, dataserver, ST, etc..) - navigator (citrix, local desktop machine) |
EM (TCP over SSL on 5443) | Metrics flow from agents to HPA | YES |
For information, the following ports are also used locally :
| Source | Destination | Description | External Flow |
|---|---|---|---|
| Nginx | HPA Portal (HTTPS on 28443) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| Nginx | Broadcom Webview (HTTPS on 8445) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| Nginx | Keycloak (HTTPS on 28443) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| HPA Portal | Keycloak (HTTPS on 28443) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| HPA Portal | HPA Extractor (HTTP on 18080) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| HPA Portal | HPA PostgreSQL(JDBC on 5555) | User preferences | NO |
| HPA Extractor | Broadcom API(HTTP on 8081) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| HPA Extractor | Broadcom APM SQL(JDBC on 54321) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| HPA Extractor | HPA PostgreSQL(JDBC on 5555) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| Broadcom APM SQL | Broadcom PosgreSQL (JDBC on 5432) | If collocated on same server not mandatory, otherwise mandatory. | NO |
| <nothing> | Local HPA Agent (5005) to send metrics with an EPAgent (push metrics to EM from local server) | NO | |
| End user | Broadcom Workstation(TCP on 5001 or TCP over SSL on 5443) | Port must be open to end user network | YES |