Configuring Firewall Rules
Before ArcMC can receive data, some ports must be opened through the firewall.
- For Software ArcMC, you are responsible for setting up the firewall. ArcSight recommends that you configure your firewall so that only the required ports are open.
- For the ArcMC Appliance, ArcSight provides a script to configure your firewall. See Configuring the Firewall on ArcMC Appliance for more information.
You can configure the firewall on your ArcMC as you would on any server, by editing iptables-config and white-listing the appropriate ports. For ArcMC Appliances only, you can use the provided script to close all but the appropriate ports in your firewall.
Tip: Be sure to update the firewall configuration whenever you add or remove a service or function that requires an open port, such as FTP, SNMP, or a local connector.
After you first install or upgrade ArcMC, configure the firewall to be open only for the following ports, depending on your form factor and install:
Default Inbound Ports
| Service | ArcMC Appliance | Software ArcMC root install | Software ArcMC non-root install |
| --- | --- | --- | --- |
| FTP | 21 | N/A | N/A |
| HTTPS | 443 | 443 | 9000 |
| NTP | 123 | N/A | N/A |
| Local Connectors | 9001-9008 | N/A | N/A |
| SSH | 22 | 22 | 22 |
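
The table above expressed as a default-deny inbound ruleset in `iptables-restore` format. This is an added example, not ArcSight's provided script or part of the original documentation. It assumes NTP is UDP and every other listed service, local connectors included, is TCP; the function names and form-factor labels are hypothetical.

```shell
#!/bin/sh
# Added example: print a default-deny inbound ruleset for one ArcMC form
# factor, built from the Default Inbound Ports table. Nothing is applied.
# Assumptions: NTP is UDP; all other services (incl. local connectors) are TCP.

# arcmc_ports FORM -> one "proto port-or-range" pair per line
arcmc_ports() {
    case "$1" in
        appliance)
            # FTP, SSH, NTP, HTTPS, local connectors 9001-9008
            printf '%s\n' 'tcp 21' 'tcp 22' 'udp 123' 'tcp 443' 'tcp 9001:9008' ;;
        software-root)
            printf '%s\n' 'tcp 22' 'tcp 443' ;;
        software-nonroot)
            # HTTPS listens on 9000 for a non-root install
            printf '%s\n' 'tcp 22' 'tcp 9000' ;;
        *)
            echo "unknown form factor: $1" >&2
            return 1 ;;
    esac
}

# arcmc_rules FORM -> complete *filter table on stdout
arcmc_rules() {
    ports=$(arcmc_ports "$1") || return 1
    echo '*filter'
    echo ':INPUT DROP [0:0]'      # anything not listed below is dropped
    echo ':FORWARD DROP [0:0]'    # assumption: the host does not route traffic
    echo ':OUTPUT ACCEPT [0:0]'
    # Loopback traffic and replies to connections the host itself opened
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # One ACCEPT rule per required inbound port
    echo "$ports" | while read -r proto port; do
        echo "-A INPUT -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# Print the ruleset when a form factor is given on the command line
if [ "$#" -gt 0 ]; then
    arcmc_rules "$1"
fi
```

Review the output for your form factor before loading it with `iptables-restore`. When you add a service that needs an open port, add its line to `arcmc_ports` so the ruleset and the running services stay in step.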