Possible values for the Firewall state are:
Disabled | Firewall allows unrestricted access to and from the system |
Enabled: Closed | Most connections are closed, only those required for monitoring and reporting are allowed |
Enabled: Open | Connections required for monitoring and reporting are allowed, plus connections to all devices
that have active alerts or have been placed in Service Access Mode. |
The Remote Support Manager automatically configures the internal firewall to allow access to subsystems that have active alerts.
If access is needed to other subsystems, you can manually enable Service Acccess for those subsystems. In addition, if you have configured
any switches, they can also be enabled for Service Access.
General information about firewall rules and allowed connections
In order to detect events and report them to IBM the following connections are always permited.
- Inbound SNMP traps on port 163
- Outbound connections to the configured e-mail (SMTP) server and Domain Name Servers (DNS).
In addition, the following connections are allowed for maintenace of the Remote Support Manager.
- Outbound connections to IBM's websites and FTP servers
- Outbound ping requests to any address
- Inbound ping responses
While a subsystem has an active alert, outbound connections to that subsystem are allowed. Outbound connections are also allowed for all devices
that have been placed in "Service Access" mode.
|
Possible values for the Firewall state are:
Disabled - Firewall allows unrestricted access to and from the system
Enabled: Closed - Most connections are closed, only those required for monitoring and reporting are allowed
Enabled: Open - Connections required for monitoring and reporting are allowed, plus connections to all devices
that have active alerts or have been placed in Service Access Mode.
The Remote Support Manager automatically configures the internal firewall to allow access to subsystems that have active alerts.
If access is needed to other subsystems, you can manually enable Service Acccess for those subsystems. In addition, if you have configured
any switches, they can also be enabled for Service Access.
General information about firewall rules and allowed connections
In order to detect events and report them to IBM the following connections are always permited.
- Inbound SNMP traps on port 163
- Outbound connections to the configured e-mail (SMTP) server and Domain Name Servers (DNS).
In addition, the following connections are allowed for maintenace of the Remote Support Manager.
- Outbound connections to IBM's websites and FTP servers
- Outbound ping requests to any address
- Inbound ping responses
While a subsystem has an active alert, outbound connections to that subsystem are allowed. Outbound connections are also allowed for all devices
that have been placed in "Service Access" mode.
Back
|