I installed the Solarwinds Automation server in the DMZ. I need to open ports for communication between this Automation server and clients in the DMZ. To facilitate this communication, as per the Admin doc, I requested the Firewall team to open the following ports. Our Security Operations team reviewed the request and have raised the following concerns.
135
445 – According to Security team, Netbios is a security risk and should not be open. What functionality will be lost if this port is not opened?
Dynamic ports 1024-65536 – Security team would like to know the need to open over 65,000 ports in a DMZ. What ports are actually necessary for SolarWinds to patch / collect information from servers.
It would help if someone can share their setup for the DMZ environment.
THANKS