discoSystem-traffic.md

Scanning Machine Discovery Communication

Represented by violet arrows in Physical Architecture diagram in section 8.1.1.

portprotocolsourcepurpose
N/AICMPS,Pping
4UDP,TCPSclosed port check
22TCPSsecure shell access on UNIX hosts
80TCP (HTTP)Sfetch HTTP banners
135UDP,TCPSDetect Windows RPC
161UDP (SNMP)SSNMP get operations
443TCP (HTTPS)Sfetch HTTP banners\and vCenter
902TCP (vSphere)Sretrieve standalone ESX/ESXi Host details
5122TCPSalternate secure shell access on some UNIX hosts

Windows Proxy Discovery Communication

Represented by green arrows in Physical Architecture diagram in section 8.1.1.

portprotocolsourcepurpose
N/AICMPS,Pping
135UDP,TCPPDCE RPC endpoint management,\DCOM service control
139UDP,TCPPDCE and or DCOM for old-style Windows domains
445UDP,TCPPDirectory Services SMB
5100 to 6000UDP,TCPPRestricted DCOM data sessions

Component System Communication

portprotocolsourcepurpose
22TCPISSH. All Machines
25TCPOSMTP for a future phase. All Machines
53UDPODNS. All Machines
80TCPIHTTP. UI for all Machines. TEMPORARY until HTTPS is configured.
123UDPONTP. All Machines
389TCPOLDAP. Machine and Proxy Windows authentication
443TCPIHTTPS. UI for all Machines
3389TCPORDP to Proxy hosts
4321TCP (CORBA)IAD Proxy Service. From scanners.
46262TCPOCMDB Sync. Out from syncing Machines to all RoD CMDBs.

Key

abbreviationvalue
SScanning Machine
PWindows Proxy
OOutgoing component System comm
IIncoming component System comm