Hi - I have a customer who is concerned about security with concerns to opening ports for Beehive. They have come back with the following questions: 1. What service is used by each port? TCP, UDP, ICMP? 2. Is Network Address Translation (NAT) needed?
BeehiveOnline has a number of ports in use mainly for duifferent protocols and the ports and there use is as follows:
Port 443 - Https traffic - 90% of all access is via thei route
Port 21 - FTPS traffic with explicit TLS - we use passive FTPS so there will be an incoming data channnel from the mid tier to allow through the remote firewall
Port 9554 - Proprietary Windows plugin traffic for OBEE and OBEO
That is all of the outward facing ports and their protocols caaess types.
NAT - we may have some of this in use at the firewall to redirect to our internal ports on the mid-tiers - not surprisingly they are not straight through connections.
Customer actually wanted to know if it was 'needed' - is NAT needed. Can you provide a definitive answer? Your previous answer stated that it 'may' have some of this in use at the firewall to redirect to our internal ports on the mid-tiers. My customer is a bank and 'may' will not work as an answer to them.
Not quite sure what the issue is but here goes. NAT is not needed by the customer - we expose the standard ports and protocols on the normal ports and they should be able to do 90% of their work via https anyway. They do not need to do anything NAT related and the BigIP firewal redirection we do is hidden from the user - they access the standard URL https://beehiveonline.oracle.com.
We have several banks on the system and they are comfortable the system is secure - we use it for secure communications ourselves.