Security Groups for Other Teradata Applications

When configuring a security group for Teradata software applications, set up the following port ranges for each software instance to allow access to and from those ports. Although all outbound ports can be opened, ensure the outbound ports listed below are specifically designated. Only add ports for accessed software. For example, do not add ports for Server Management unless it is used.
SoftwareDirectionProtocolPort RangeDescription
Parallel Upgrade Tool (PUT)Inbound
  • TCP
  • TCP
  • TCP
  • 22
  • 3389
  • 9000-9010, 8443
  • SSH
  • RDP
  • Axeda or Teradata Connect to connect to PUT

Open the ports listed under Teradata Server Management if applicable to your environment.

Teradata Data MoverInbound
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 1025
  • 1080
  • 5180, 5190
  • 25168
  • 25268
  • 25368
  • 61616
  • SSH
  • Teradata Database Service
  • REST
  • Server Management
  • ARC Server
  • ARC Access Module
  • Master Sync Service
  • ActiveMQ
Teradata Data Stream ControllerInbound
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 1025
  • 9090
  • 15401
  • 15402
  • 61616
  • SSH
  • Teradata Database Service
  • DSA REST Services
  • BARNC Data Traffic
  • BARNC Web Service
  • ActiveMQ
Teradata Ecosystem ManagerInbound
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 1025
  • 61616
  • 61720, 61820, 8090
  • SSH
  • Teradata Database to Ecosystem Manager in the public cloud
  • ActiveMQ
  • Agent packages
  • Ecosystem Manager Control Engine
Teradata QueryGrid Manager Inbound
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 9300-9303
  • 7000-7001
  • 9443-9445
  • 443
  • SSH
  • Custom rule
  • Custom rule
  • Custom rule
  • HTTPS
Teradata REST ServicesInbound
  • TCP
  • TCP
  • 22
  • 1080
  • SSH
  • REST
Teradata REST ServicesOutboundTCP
  • 1025
  • Single instance of Teradata REST Services to Teradata Database in the public cloud
Teradata Server Management: Managed Instances Inbound
  • TCP
  • TCP
  • TCP
  • 22
  • 5180-5181
  • 5190-5191
  • Allow SSH over the virtual subnet.
  • For sm3gnode; needs to be allowed only from the Server Management (or CMIC) instance.
  • 5190-5191 is also for sm3gnode. Same as above.
Teradata Server Management: CMIC Instance Inbound
  • TCP
  • TCP
  • UDP
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • UDP
  • UDP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 1080
  • 5598-5599
  • 5599
  • 5988
  • 5999
  • 7755
  • 7757-7758
  • 7759
  • 7946
  • 7946
  • 9981
  • 9991
  • 61618
  • SSH
  • REST (http)
  • CMIC Heartbeat
  • CMIC Heartbeat
  • CIM
  • CMIC Software upgrade/downgrade
  • Java Proxy Service for SM Client
  • Java RMI for SM Client
  • SOV Ping for SM Client
  • Serf
  • Serf
  • HTTP (CMIC Web Services)
  • REST (https)
  • JMS
Teradata Server ManagementOutbound
  • TCP
  • TCP
  • 443
  • 8009
  • HTTPS for ServiceConnect
  • ServiceConnect to policy server
Teradata Tools and UtilitiesInbound
  • TCP
  • TCP
  • 22
  • 1025
  • SSH
  • Teradata Database Service
Teradata ViewpointInbound
  • TCP
  • TCP
  • TCP
  • TCP
  • TCP
  • 22
  • 80
  • 443
  • 5432
  • 61616
  • SSH
  • HTTP for Viewpoint
  • HTTPS for Viewpoint
  • Teradata Alerts
  • ActiveMQ
Teradata ViewpointOutboundTCP
  • 1025
  • Single instance of Teradata Viewpoint to Teradata Database from AWS

results matching ""

    No results matching ""