Cc-sg and network configuration, Appendix b cc-sg and network configuration – Raritan Computer Home Security System User Manual

313

This appendix contains network requirements, including addresses,
protocols, and ports, of a typical CC-SG deployment. It includes
information about how to configure your network for both external access
and internal security and routing policy enforcement. Details are provided
for the benefit of a TCP/IP network administrator. The TCP/IP
administrator's role and responsibilities may extend beyond that of a CC-
SG administrator. This appendix will assist the administrator in
incorporating CC-SG and its components into a site's security access
and routing policies.

The tables contain the protocols and ports that are needed by CC-SG
and its associated components.

In This Chapter

Required Open Ports for CC-SG Networks: Executive Summary.........313
CC-SG Communication Channels.........................................................314

Required Open Ports for CC-SG Networks: Executive Summary

The following ports should be opened:

Port Number

Protocol

Purpose

Details

80

TCP

HTTP Access to CC-SG

Not encrypted.

443

TCP

HTTPS (SSL) Access to CC-SG

and

Node Access to Dominion KXII-
connected nodes in Direct
Mode

SSL/AES-128/AES-256
encrypted.

8080

TCP

CC-SG to PC Client

SSL/AES-128/AES-256 encrypted
if configured.

2400

TCP

Node Access (Proxy Mode)

This port must be opened per
Raritan device that will be
externally accessed. The other
ports in the table must be opened
only for accessing CC-SG.

Encrypted only for Dominion KX II
devices, release 2.1.10 or higher,
if encryption is set in the device

5000

TCP

Node Access (Direct Mode)

This port must be opened per

Appendix B CC-SG and Network Configuration