Ports

Content Intelligence Installation Guide

Version
2.2.x
Audience
anonymous
Part Number
MK-HCI002-17

Each service binds to a number of ports for receiving incoming traffic. Before installing HCI, you can configure the services to use different ports, or use the default values shown in the following tables.

Port values can be reconfigured during system installation, so your system might not use the default values. You cannot change service port values when the system is up and running.

To view the ports that your system is using, view the Network tab for each service your system runs (Services > service-name > Network).

Warning:

The HCI product uses both internal and external ports to operate its services and the system-internal ports do not have authentication or Transport Layer Security (TLS). At a minimum, use your firewall to make these ports accesible only to other instances in the system. If any users have root access to your system, your network and its systems are vulnerable to unauthorized use.

To secure your data and HCI system, you need to manually use iptables or firewalld to restrict ports to only local commnuications that the HCI installer otherwise leaves open. See System-internal ports and Example HCI firewall setup.

Additionally, you can use Internet Protocol Security (IPSec) or an equivalent to secure internode communications. Consult with your system administrator to configure your network with this added security.