SuperADMIN and SuperSERVER present a very small TCP/IP "surface area" that also makes effective layer three firewalling simple to achieve. This makes it easy to configure stateful firewall rules to control ingress and egress for the network segment in which SuperADMIN and SuperSERVER are installed.
As shown here, most ports only need to be open for internal communication between components.
Ports that Must be Externally Accessible
The following ports are the only ports that must be accessible externally:
|8080 (External end-user connections to Tomcat)|
|9001 (User Registration and Password Resets)|
Ports that Must be Internally Accesible
The following ports need to be accessible on your internal network for communication between SuperADMIN, SuperSERVER, Metadata Server, as well as the client applications:
9000 (Configuration Server)
9232 (CORBA IIOP protocol)
|8005 (CORBA communications)||8009 (Tomcat Shutdown port)|
9001 (User Registration and Password Resets)
|9002 (The ZMQ subscription port for connections to SuperADMIN)|
|9003 (The ZMQ message port for connections to SuperADMIN)|
9230 (CORBA IIOP)
9231 (Java RMI-JRMP protocol - services)
9234 (Java RMI-JRMP protocol - registry)
Port Usage Overview
The following diagram shows the SuperSTAR Port Usage. If any of these ports are not available it is possible to configure the relevant application to use other ports. Please refer to the configuration guide of the relevant product.