UAG external ports - security consideration

bsob · ‎04-20-2021

I have deployed UAG v21.03 with two nic configurations (Internet and Management)

I wonder why on Internet interfaces I see a few open ports, for example, SSH, I checked and I cannot login however I am getting logon prompt.

Should I hide my UAG behind the firewall and restrict access to unused ports or there is an option to restricts these ports on UAG?

NMAP Scan results:

PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 7.8 (protocol 2.0)
80/tcp open rtsp
443/tcp open ssl/https?
8080/tcp open rtsp
8443/tcp open ssl/http VMware Horizon View

fabio1975 · ‎04-20-2021

Being a virtual appliance (Black Box) I would not modify anything on the VM (unless there are documented commands)

I usually ask to put a firewall between the UAG and the Internet. To check the ports that must communicate with the internet, look at this document:
https://docs.vmware.com/en/Unified-Access-Gateway/2103/uag-deploy-config/GUID-F197EB60-3A0C-41DF-8E3...

Fabio

Visit vmvirtual.blog
If you're satisfied give me a kudos

All

UAG external ports - security consideration