SmartSense gateway to Hortonworks
Hortonworks does not initiate communications to the SmartSense gateway, all communication is initiated by the SmartSense gateway to Hortonworks. For this interaction, the following ports are used:
Source Component | Destination Component | Destination Port | Purpose |
---|---|---|---|
Gateway | Hortonworks | tcp/443 | HTTPS bundle upload |
As bundles are captured, the HST server uses the two-way SSL communication channel to securely stream the bundle file to the SmartSense gateway. After this process starts, the SmartSense gateway opens up a secure connection to Hortonworks, using the HTTPS port to upload the bundle.
-
Allow firewall access from the gateway to a CNAME using port 443.
The Hortonworks HTTPS servers utilize Elastic Load Balancing from Amazon Web Services. The CNAME is recommended as the number of instances, and IPs of instances used by the load balancer are fluid. Using the CNAME provides the greatest availability.
-
Allow firewall access from the gateway to a pair of static IPs using port 443.
These IPs do not change, and they use "round-robin" DNS for load balancing. This is the least preferred option, because instance availability is not quickly updated in DNS.