IMG 1010 - IP Security
Â
IP Security for IMG and GCEMS
To protect against denial of service attacks, the GCEMS (Linux server) and IMG Control IP can be placed behind a firewall for security. Â Should remote access to the GCEMS server be needed, a NAT, VPN, or other secure solution can be used for access to the server from the public internet.
Following is a list of ports and protocols used by the IMG and the GCEMS server.
The Ports in red would need to be opened in the firewall based on the recommendation above for remote access.
Connections between IMG and GCEMS
Port # | Description | Purpose |
TCP: 20 & 21 | FTP |
|
TCP: 23 | Telnet | IMG debug access |
UDP: 111 | PortMap | Portmap is used to request a mount port. Usually for NFS or NIS. The port request is sent from the IMG to the GCEMS server. See PortMap Request below. |
UDP: 2049 | NFS |
|
UDP: 1812 | Radius Authentication | Call authentication |
UDP: 1813 | Radius Accounting | Record Call Detail Records |
TCP/UDP: 161 | SNMP Network | Receive SNMP requests |
TCP/UDP: 162 | SNMP Network | Receive SNMP Traps |
TCP: 12610 | GCEMS control | IMG Configuration and Provisioning |
UDP: 123 | NTP Network | Time Protocol |
Connections to the GCEMS server
Port # | Description | Purpose | Connection from |
TCP: 22 | SSH | Remote access to GCEMS server |
|
TCP: 5901 | VNC | Â Remote access to GCEMS server |
|
TCP: 80 | HTTP | MRTG or CACTI monitoring | Local support personnel |
TCP: 1312 | GCEMS | GCEMS application port |
|
TCP: 2623 | ClientView | Data Transfer Port between ClientView and DataManager | ClientView |
TCP: 2428 - 2433 | ClientView | FTP Transfer to DataManager | ClientView |
TCP: 2624 | ClientView | Signaling Port between ClientView and DataManager | ClientView |
TCP: 1098/1099 | ClientView | ClientView Authentication (Only required when ClientView is running on a different machine from GCEMS) | PC running ClientView to GCEMS server |
Â
Connections between IMG's if running redundant SS7 or SS7 with remote IMG’s
Port # | Description | Purpose | Connection from |
UDP: 34867 | SS7 Management | Internal SS7 communication between IMGs | IMG |
PortMap Request
PortMap uses Port 111 and is used to request a mount port. Request is sent from IMG.
Mount uses the port returned in the PortMap response.
NFS uses port 2049
Â
Â