Port requirements
Open ports are an exploitable means of system entry. Limiting the number of open ports effectively reduces the number of potential entry points into the server. A server can be port scanned to identify available services.
All TCP/IP port numbers used for communication between Bravura Security Fabric services and modules across the network are configurable. Following are default values. Note that not all of these services may be active depending on the deployed features.
Description | Program name | Default |
|---|---|---|
Database Service TCP port | iddb | 5555 |
File Replication Service TCP port | idfilerep | 2380 |
Workflow Manager Service TCP port | idwfm | 2240 |
Transaction Monitor Service TCP port | idtm | 2234 |
Password Manager Service TCP port | idpm | 3334 |
Session Monitoring Package Generation Service TCP port | sessmon modules | 2340 |
Discovery Service TCP port | iddiscover | 2540 |
Privileged Access Manager Service TCP port | idarch | 6190 |
Persistent Connector Service TCP port | agtsvc | 4567 |
The defaults are applied during installation unless modified or that port is already in use by another Bravura Security Fabric instance.
On Bravura Security Fabric proxy servers, the following ports are used:
Service | Program name | Default |
|---|---|---|
Proxy service |
| 3344 |
From a user’s web browser to the Bravura Security Fabric server, the following ports are used:
Service | Port (non-SSL) | Port (SSL) |
|---|---|---|
Web Service | 80 | 443 |
For ports that Bravura Security Fabric uses to connect to target systems see the respective sections in the Connector Pack documentation.