Hi All,
I want to be sure that I am understanding the Commcell communication requirements. As I understand it there is one commserve server per commcell. For agents on endpoints, the agents have to communicate on port 8040. For the agent to be installed SMB is also required.
From a security point of view it seems very risk allowing one server access to the entire server estate! Am I missing something?
Best answer by Mike Struening
There’s a really cool tile we have that will help you ensure that all of the possible security features are in use:
https://documentation.commvault.com/11.24/essential/121364_security_assessment_tile.html
Let me know if that helps!
+8Hi John, not sure if I got your question right however CV has set communication/control ports, have you seen this section in documentation, its worth a read it may have some clarity
https://documentation.commvault.com/11.24/expert/8572_tcp_ports_used_for_services.html
+88400 is a proprietary port, only CV should be using that port, could you share more on how you see this as being risky just to add more context?
So 8400 and smb.
If comserve server is compromised it has access to all machines in the server estate, granted 8400 is proprietary but there is a risk it could be used in some way? However smb isn’t proprietary.
+22There’s a really cool tile we have that will help you ensure that all of the possible security features are in use:
https://documentation.commvault.com/11.24/essential/121364_security_assessment_tile.html
Let me know if that helps!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
