Refer to the following diagram and port table to ensure that all the relevant ports are opened for components in your Security Analytics deployment to communicate with each other.
Security Analytics Network Architecture
The following diagram illustrates the Security Analytics network architecture with ports used for communications in Security Analytics 10.6.
Security Analytics Host and Service Ports
In versions prior to Security Analytics 10.4, an administrator was able to use the native protocol for fast non-SSL communications like aggregation and REST API for SSL between Security Analytics and the hosts. All communications from Security Analytics moved from REST API to the native Security Analytics Core ports. As a result a second native Security Analytics Core port per host service was added so that administrators can enable secure (SSL) network communications while still being able to use non-secure (HTTP and Security Analytics Core (native)) connectivity methods for communication between services on the same system. Administrators can toggle the ports on and off to support only SSL, only non-SSL, or both.
The following table lists the Security Analytics hosts and their respective service ports: