Configuring network security group settings - BlueCat Address Manager - 9.3.0

BlueCat Azure Virtual Appliances

prodname
BlueCat Address Manager
version_custom
9.3.0
Add rules to allow specific traffic to reach your instance as needed. BlueCat recommends the following minimum set of firewall rules for Address Manager and BlueCat Azure Virtual Appliances:
Table.
BAM BDDS
  • HTTP port 80
  • HTTPS port 443
  • SSH port 22
  • Custom TCP Rule with port number 10045 for notifications
  • SSH port 22
  • Custom TCP Rule with port number 123 for NTP (inbound only) and 161 for SNMP (inbound only)
  • Custom TCP Rule with port number 10042 for secure management and connectivity between DNS/DHCP Servers and Address Manager
  • Custom TCP and UDP Rule with port number 53 for DNS
Note: For more information on using network security groups to filter traffic on Azure Virtual Networks, refer to https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-nsg.
Note: For more information about BlueCat appliance service ports, refer to "Appendix A: Network Requirements" in the Address Manager Administration Guide.

To define network security group settings to your BlueCat Azure virtual appliance:

  1. Log in to the global Azure or Azure Government Portal.
  2. Click Virtual Machines in the left-nav.
  3. From the list of virtual machines, click the name of the virtual machine you wish to configure with a network security group.
  4. Under Settings, click Networking.
  5. Click one of the interfaces of your BlueCat Azure VM, for example azure-bdds-nic-eth0. The Network Interface page opens.
  6. Under Settings, click Network Security group.
  7. Click Edit then choose a network security group or select None.
  8. Click Save.
    Note: OPTIONAL: You can also configure a network security group on subnets. This will propagate the network security group settings to all interfaces on that subnet.

Repeat this task for additional interfaces.