To support trusted connections each core service has two ports, an unencrypted non-SSL port and an encrypted SSL port. Trusted connections require the encrypted SSL port.
To establish a trusted connection, each Security Analytics Core service must be upgraded to 10.4 or later. Trusted connections are not backwards compatible with Security Analytics Core 10.3.x or earlier.
Encrypted SSL Ports
When you install or upgrade to 10.4 or later, trusted connections are established by default with two settings:
- SSL is enabled.
- The core service is connected to an encrypted SSL port.
Each Security Analytics Core service has two ports:
- Encrypted non-SSL port
Example: Archiver 50008
- Unencrypted SSL port
Example: Archiver 56008
The SSL port is the non-SSL port + 6000.
The following table lists all Security Analytics services with their respective ports and shows that each core service has two ports. All port numbers listed are TCP.
|Event Stream Analysis||50030||N/A|