CA Vulnerability Manager Ports

Document ID:  TEC464832
Last Modified Date:  06/14/2008
{{active ? 'Hide' : 'Show'}} Technical Document Details

Products

  • CA Vulnerability Manager

Components

  • CA Vulnerability Manager:ETRVMG

Description:

Here is some information regarding the ports your should have open for the VM to communicate properly.

Solution:

Open Ports within the Network. Communication through TCP/IP port 5250 is required between CA Vulnerability Manager and the CA VM Service client. In addition, if using the On-Demand inventory feature, communication through default TCP Port 5251 is needed between CA Vulnerability Manager and the CA VM Service client. The CA VM Service installed on the assets will be listening on this port. (This port is configurable, accepting values between 1025 and 65535.)

CA Vulnerability Manager and the CA VM Service client communicate via port 5250. It is possible for CA Vulnerability Manager and the CA VM Service client to communicate through a security gateway (such as firewall, proxy, filtering router, VPN and so on) as long as the device is enabled to allow connectivity between CA Vulnerability Manager and assets through TC/IP port 5250.

If using an existing Unicenter Software Delivery (USD) infrastructure, and pointing the CA Vulnerability Manager to a USD Local server, communication through TCP/IP Port 4721 is needed between CA Vulnerability Manager and the Unicenter Local server, or CA Vulnerability Manager and the Unicenter Software Delivery remediation agent.

Browsers used to access the CA Vulnerability Manager communicate by SSL via Port 443. The appropriate browser security level and open ports must exist within the network between the browsers and the appliance in order for to successfully access the appliance.

Open Ports to the Internet. CA Vulnerability Manager requests content and code updates from CA via port 5250 through a secure sockets layer (SSL) session. The client must allow traffic through port 5250 to CA in order to update content/code. Updates are based on an hourly or daily schedule that is customer specified, but the port used to pull the updates is not configurable, and there are no alternatives for updating code and content using any other resource at this time.

In addition connecting through the Internet to CA for content and code updates, the CA Vulnerability Manager will need to communicate through the Internet for Patch remediation download via HTTP Port 80. This connection varies by URL specified in the patch remediation data.

Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255

{{status}}

Not what you were looking for?

Search Again >

Product Information

Support by Product >

Communities

Join a Community >