Network Security Groups | Teradata Vantage on Azure (DIY) - 2.2 - Network Security Groups for Vantage - Teradata Vantage on Azure

Teradata Vantageā„¢ on Azure (DIY) Installation and Administration Guide

Product
Teradata Vantage on Azure
Release Number
2.2
Release Date
August 2021
Content Type
Administration
Configuration
Installation
Publication ID
B035-2810-071K
Language
English (United States)

When configuring a network security group, set up the port ranges listed below for each Vantage VM so you can lock down the system to the local host. If you deploy a Teradata ecosystem or deploy Vantage on Azure (DIY) using a solution template, you must open inbound port 1025 as it is closed by default.

When deploying a Teradata ecosystem from a solution template, Teradata uses a different set of security rules for the following ecosystem software and defines the network security group on the NICs of each of these VMs:
  • Teradata Data Mover
  • Teradata Data Stream Controller
  • Teradata Query Service
  • Teradata Server Management
  • Teradata Viewpoint

When deploying Teradata software separately from an image, you create a new or select an existing public IP address as well as a network security group when you configure the software.

If you are not deploying a multi-node VM using a solution template, you must add inbound TCP 22 and UDP 1001-1002 ports.

Vantage
Direction Protocol Port Description
Inbound TCP 22 SSH
TCP 1025 Vantage to the public cloud
TCP 64432 If using mainframe connectivity
UDP 1001-1002 If using a non-traditional deployment method (internal only)