RecoverPoint: Block anonymous incoming traffic on RecoverPoint specific unused TCP/UDP ports over WAN interface


   Article Number:     540047                                   Article Version: 4     Article Type:    How To 









Customers would like to block anonymous incoming traffic on RecoverPoint specific ports(Unused) which are not required over WAN and would like to close such ports in RecoverPoint settings and not from network firewall.   
    Use cases:   
    Customers would like to close TCP ports as such over WAN taking precautionary measures for unexpected vulnerabilities though RecoverPoint specific ports would use its own protocol.   
    Customer's security team performing penetration test in the network would like to close unused TCP ports over WAN interface.   
    Important note: Before planning to block incoming traffic on specific TCP/UDP ports refer RecoverPoint Security Configuration Guide to know functionality and impact of each TCP/UDP ports. It is always recommended to block the ports on network firewall and not in RecoverPoint.   
    Below are the most unused ports over WAN:   
    80 tcp   
    443 tcp   
    3260 tcp   
    7115 tcp   
    7225 tcp   
    5021 tcp   
    5042 tcp   
    5044 tcp   
    5045 tcp   
    5050 tcp   
    Procedure: A solution exists for this issue but intervention from Dell EMC technical support personnel is required. Procedure involves running script in each RecoverPoint appliance which adds new rules in iptables.rules. Contact the Dell EMC Customer Support Center or your service representative for technical assistance and reference this Dell EMC knowledgebase solution ID.