Faddom does not need to access you servers in any way, but there are some things that Faddom needs to access in your environment. This article details all the ports that need to be open in order for Faddom to be fully functional:
Port | Protocol | Direction | Source/Target | Use |
22 | TCP | Outbound | Linux Servers | Allow Faddom to use the Software Discovery feature |
53 | UDP | Both | DNS Server | Allow the Faddom server to perform DNS lookups and reverse lookups |
80 | TCP | Inbound | End Users | End user access to web UI |
135 | TCP | Outbound from Faddom proxy | Domain Controllers | Allow Faddom to use the User Discovery Feature |
161 | UDP | Outbound | Load Balancers | Access to load balancers via SNMP to discover their configuration |
443 | TCP | Inbound | End Users | End user access to web UI |
443 | TCP | Outbound | vCenter | Access to the vCenter APIs |
443 | TCP | Outbound | Faddom server | In case there is a separate Faddom proxy installation, the proxy needs HTTPs access to the Faddom server. |
445 | TCP | Outbound from Faddom proxy | Domain Controllers | Allow Faddom to use the User Discovery Feature |
4739 | UDP | Inbound | ESX Hosts / Other netflow sources | Allow inbound netflow traffic to the Faddom sensor. Note that netflow traffic is sent from the management IP addresses of ESX hosts when enabled on VMware. |
6343 | UDP | Inbound | Hyper-V / Physical Hosts | When using the Hyper-V plugin or Host sFlow to generate sFlow traffic, this port needs to be open to allow sFlow traffic from Hyper-V or the physical hosts to the Faddom sensor. |
9443 | TCP | Inbound | End Users | End user access to web UI |
9545 | TCP | Outbound | Faddom Sensors | In case there are additional sensors installed, Faddom needs access to those sensors to get data from them. |