Configuring Firewall

To ensure proper security, use the guidelines below to configure firewalls for incoming traffic.

Disable IPv6

If you're not using IPv6, you must disable it on all installation environments.

Billing Application server

  • Allow connections from all servers by https (port 443) on installations, which were upgraded from 5.x versions.
  • Allow connections from all servers by https (port 8443) on new 6.x installations.
  • Allow connections to port 5224 only for hosts that require access to Billing API through XMLRPC (typically, Operations management node and Billing online store).
  • Allow connections by ssh (port 22) from required local hosts.
  • Refuse ICMP connections.
  • Drop other connections.

Also make sure that outgoing connections to the following systems are open:

  • https://download.automation.odin.com:443 – to get CloudBlue Commerce updates and hotfixes.
  • https://usage.pa.parallels.com:443 – to bill Lease and RevenueShare partners.
  • https://report.parallels.com:80 – CEP (Customer Experience Program) system to collect Operations usage and configuration statistics. Used for optimizing test plans and product development.

Billing Online store server

  • Allow connections from all servers by https (port 443).
  • Allow connections by ssh (port 22) from required local hosts.
  • Allow connections to https://download.automation.odin.com.
  • Refuse ICMP connections.
  • Drop other connections.

Billing Database server

  • Allow connections by ssh (port 22) from required local hosts.
  • Allow incoming connections by port 5432 from Billing Application server and Operations management node.
  • Refuse ICMP connections.
  • Drop other connections.

For more information, see also CloudBlue Commerce Firewall Configuration Guide at CloudBlue Commerce documentation portal.

© 2021 Ingram Micro, Inc. All Rights Reserved. Privacy Policy, Terms of Use and Legal