Network Security Groups for Teradata Database
When configuring a network security group, set up the port ranges listed below for each Teradata Database VM so the Teradata Database can be locked down to the local host. In particular, note the following:
- If you deploy a Teradata ecosystem or deploy Teradata Database using a solution template, incoming port 1025 is closed by default.
- Port 1025 is blocked in Teradata Database MPP VMs until the dbc password is changed.
If you are purchasing software using BYOL, Port 443 must be open to connect to the Teradata EMS server to successfully deploy Teradata Database on Azure. See Bring Your Own License and Teradata Entitlement Management System (EMS) Customer User Guide.
- Teradata Data Mover
- Teradata Data Stream Controller
- Teradata Ecosystem Manager
- Teradata REST Services
- Teradata Server Management
- Teradata Viewpoint
When deploying Teradata software separately from an image, you create a new or select an existing public IP address as well as a network security group when you configure the software. See Deploying Teradata Products Separately on Azure.
If you are not launching a Teradata Database MPP VM as described in Chapters 3 and 4, you must add inbound TCP 22 and UDP 1001-1002 ports.