Network Security Groups for Other Teradata Applications

When configuring a network security group for Teradata software applications, set up the following port ranges for each VM to allow access to and from those ports. Although all outbound ports can be opened, ensure the outbound ports listed below are specifically designated. Add ports only for software being accessed. For example, do not add ports for Server Management unless it is being used.
SoftwareDirectionProtocolPort RangeDescription
Parallel Upgrade Tool (PUT)Inbound
  • TCP
  • TCP
  • TCP
  • 22
  • 3389
  • 9000-9010, 8443
  • SSH
  • RDP
  • Axeda or Teradata Connect to connect to PUT

Open the ports listed under Teradata Server Management if applicable to your environment.

Teradata Data MoverInbound
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 1025
  • 1080
  • 5180, 5190
  • 25168
  • 25268
  • 25368
  • 61616
  • SSH
  • Teradata Database Service
  • REST
  • Server Management
  • ARC Server
  • ARC Access Module
  • Master Sync Service
  • ActiveMQ
Teradata Data Stream ControllerInbound
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 1025
  • 9090
  • 15401
  • 15402
  • 61616
  • SSH
  • Teradata Database Service
  • DSA REST Services
  • BarNC Data Traffic
  • BARNC Web Service
  • ActiveMQ
Teradata Ecosystem ManagerInbound
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 1025
  • 61616
  • 61720, 61820, 8090
  • SSH
  • Teradata Database to Ecosystem Manager in the public cloud
  • ActiveMQ
  • Agent packages
  • Ecosystem Manager Control Engine
Teradata QueryGrid 1.n See Teradata QueryGrid 1.0 within the Public Cloud and Teradata QueryGrid 1.0 between the Public Cloud and On-Premises.
Teradata REST ServicesInbound
  • TCP
  • TCP
  • 22
  • 1080
  • SSH
  • REST
Teradata REST ServicesOutboundTCP
  • 1025
  • Single instance of Teradata REST Services to Teradata Database in the public cloud
Teradata Server Management: Managed Instances Inbound
  • TCP
  • TCP
  • TCP
  • 22
  • 5180-5181
  • 5190-5191
  • Allow SSH over the virtual subnet.
  • For sm3gnode; needs to be allowed only from the Server Management (or CMIC) instance.
  • 5190-5191 is also for sm3gnode. Same as above.
Teradata Server Management: CMIC to CMIC Communication Inbound
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • UDP
  • TCP
  • TCP
  • 22
  • 1080
  • 1443
  • 7755
  • 7757-7758
  • 7758
  • 7759
  • 9981
  • 61618
  • SSH
  • REST (http)
  • REST (https)
  • Java Proxy Tunnel
  • Java RMI
  • Java Connections Tunnel
  • SOV Ping
  • CMIC Web (https)
  • JMS
Teradata Server Management: CMIC Instance Inbound
  • TCP
  • TCP
  • UDP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • UDP
  • UDP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 1080
  • 5598-5599
  • 5599
  • 5988
  • 5999
  • 7755
  • 7757-7758
  • 7759
  • 7946
  • 7946
  • 9981
  • 9991
  • 61618
  • SSH
  • REST (http)
  • CMIC Heartbeat
  • CMIC Heartbeat
  • CIM
  • CMIC Software upgrade/downgrade
  • Java Proxy Service for SM Client
  • Java RMI for SM Client
  • SOV Ping for SM Client
  • Serf
  • Serf
  • HTTP (CMIC Web Services
  • REST (https)
  • JMS
Teradata Server ManagementOutbound
  • TCP
  • TCP
  • 443
  • 8009
  • HTTPS for ServiceConnect
  • ServiceConnect to policy server
Teradata Tools and UtilitiesInbound
  • TCP
  • TCP
  • 22
  • 1025
  • SSH
  • Teradata Database Service
Teradata ViewpointInbound
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 80
  • 443
  • 5432
  • 61616
  • SSH
  • HTTP for Viewpoint
  • HTTPS for Viewpoint
  • Teradata Alerts
  • ActiveMQ
Teradata ViewpointOutboundTCP
  • 1025
  • Single VM of Teradata Viewpoint to Teradata Database from Azure

results matching ""

    No results matching ""