RapidIdentity Product Guide: New UI

Appliance-Specific Communications and Ports

This table contains various requirements and recommendations specific to each RapidIdentity component.

Component

Requirement/Recommendation

Connect

Internal network only. 443: internal, Portal server if in DMZ, and admin users.

All other inbound ports should be restricted to access and from other RapidIdentity servers.

Outbound ports depend on specific customer configuration and connected systems (e.g. AD, Oracle, CIFS Share, Amazon S3).

Credential Provider

8081 for RapidIdentity 2017.x.x if using an http URL only.

Database Appliance

443 inbound for admin users needing access. Internal network only.

Federation

443 inbound for all users needing access. Internal network, and external depending on organizational policies. 88 for Kerberos.

Folders

443 inbound for admin users. Internal network only.

Outbound to access CIFS/DFS data shares. If NetBIOS is required, TCP 445 and UDP 137-139 are all necessary.

Identity Bridge

No inbound ports are required to be open for the Identity Bridge agent installed on-premises, and the only outbound port that needs to be allowed through the firewall(s) for the agent is TCP 443.

Portal

443 inbound for all users needing access. Internal network, and external depending on organizational policies.

Outbound ports depend on specific customer configuration and connected systems (e.g. AD, Oracle, CIFS Share, Amazon S3).

If NetBIOS is required, TCP 445 and UDP 137-139 are all necessary