Faddom does not need to access you servers in any way, but there are some things that Faddom needs to access in your environment. This article details all the ports that need to be open for Faddom to be fully functional:
Port | Protocol | Direction | Source/Target | Use |
22 | TCP | Outbound | Linux Servers | Allow Faddom to use the Software Discovery feature |
53 | UDP | Both | DNS Server | Allow the Faddom server to perform DNS lookups and reverse lookups |
80 | TCP | Inbound | End Users | End user access to web UI |
135 | TCP | Outbound from Faddom proxy | Domain Controllers | Allow Faddom to use the User Discovery Feature |
161 | UDP | Outbound | Load Balancers | Access to load balancers via SNMP to discover their configuration |
443 | TCP | Inbound | End Users | End user access to web UI |
443 | TCP | Outbound | vCenter/Nutanix | Access to the vCenter & Nutanix APIs |
443 | TCP | Outbound | Faddom server | In case there is a separate Faddom proxy installation, the proxy needs HTTPs access to the Faddom server. |
445 | TCP | Outbound from Faddom proxy | Domain Controllers | Allow Faddom to use the User Discovery Feature |
4739 | UDP | Inbound | VMware ESX Hosts/Other NetFlow sources | Allow inbound NetFlow and IPFIX traffic to the Faddom sensor.
NetFlow is coming from the ESX management IP.
IPFIX is coming from the Nutanix host management IP. |
6343 | UDP | Inbound | Hyper-V / Physical Hosts | When using the Hyper-V plugin or Host sFlow to generate sFlow traffic, this port needs to be open to allow sFlow traffic from Hyper-V or the physical hosts to the Faddom sensor. |
9443 | TCP | Inbound | End Users | End user access to web UI |
9545 | TCP | Outbound | Faddom Sensors | In case there are additional sensors installed, Faddom needs access to those sensors to get data from them. |