When configuring a network security group, set up the port ranges listed below for each Vantage VM so you can lock down the system to the local host. If you deploy a Teradata ecosystem or deploy Vantage on Azure (DIY) using a solution template, you must open inbound port 1025 as it is closed by default.
When deploying a Teradata ecosystem from a solution template, Teradata uses a different set of security rules for the following ecosystem software and defines the network security group on the NICs of each of these VMs:
- Teradata Data Mover
- Teradata Data Stream Controller
- Teradata Ecosystem Manager
- Teradata Query Service
- Teradata Server Management
- Teradata Unity
- Teradata Viewpoint
When deploying Teradata software separately from an image, you create a new or select an existing public IP address as well as a network security group when you configure the software.
If you are not deploying a multi-node VM using a solution template, you must add inbound TCP 22 and UDP 1001-1002 ports.
Vantage | |||
---|---|---|---|
Direction | Protocol | Port | Description |
Inbound | TCP | 22 | SSH |
TCP | 1025 | Vantage to the public cloud | |
TCP | 64432 | If using mainframe connectivity | |
UDP | 1001-1002 | If using a non-traditional deployment method (internal only) |