Network Security Groups | Teradata Vantage on Azure (DIY) - 2.3 - Network Security Groups for Vantage - Teradata Vantage on Azure

Teradata Vantageā„¢ on Azure (DIY) Installation and Administration Guide

Teradata Vantage on Azure
Release Number
April 2022
English (United States)
Last Update

When configuring a network security group, set up the following port ranges listed for each Vantage VM so you can lock down the system to the local host. If you deploy a Teradata ecosystem or deploy Vantage on Azure (DIY) using a solution template, you must open inbound port 1025 as it is closed by default.

When deploying a Teradata ecosystem from a solution template, Teradata uses a different set of security rules for the following ecosystem software and defines the network security group on the NICs of each of these VMs:
  • Teradata Data Mover
  • Teradata Data Stream Controller
  • Teradata Query Service
  • Teradata Server Management
  • Teradata Viewpoint

When deploying Teradata software separately from an image, you create a new or select an existing public IP address as well as a network security group when you configure the software.

If you are not deploying a multi-node VM using a solution template, you must add inbound TCP 22 and UDP 1001-1002 ports.

Direction Protocol Port Description
Inbound TCP 22 SSH
TCP 1025 Vantage to the public cloud
TCP 64432 If using mainframe connectivity
UDP 1001-1002 If using a non-traditional deployment method (internal only)