English

Security Requirements

Contributors ciarm dmp-netapp Download PDF of this page

The security requirements include:

  • Provide an allow list for firewalls.

  • The access control list (ACL) for API’s RBAC and Active IQ Unified Manager.

Source Destination URL/IP Addresses Connectivity Protocol Port Description

Kubernetes nodes

github.com

Outbound

HTTP, HTTPS

80,443

NetApp Service Engine platform configuration management

Kubernetes nodes

rest.zuora.com

Outbound

HTTP, HTTPS

80,443

NetApp cloud billing

Kubernetes nodes

auth.docker.io

Outbound

HTTP, HTTPS

80,443

Docker registry auth

Kubernetes nodes

registry-1.docker.io

Outbound

HTTP, HTTPS

80,443

Docker Hub images; general Docker images including NetApp Service Engine pods

Kubernetes nodes

production.cloudflare.docker.com

Outbound

HTTP, HTTPS

80,443

Docker Hub images; general Docker images including NetApp Service Engine pods

Kubernetes nodes

quay.io

Outbound

HTTP, HTTPS

80,443

Quay images - Prometheus Pods

Kubernetes nodes

cdn.quay.io

Outbound

HTTP, HTTPS

80,443

Quay images - Prometheus Pods

Kubernetes nodes

k8s.gcr.io

Outbound

HTTP, HTTPS

80,443

Google images - Kubernetes Cluster Pods

Kubernetes nodes

storage.googleapis.com

Outbound

HTTP, HTTPS

80,443

Google images - Kubernetes Cluster Pods

Kubernetes nodes

kubernetes-charts.storage.googleapis.com

Outbound

HTTP, HTTPS

80,443

Helm repository

All CentOS VMs

rackspace.com

Outbound

HTTP, HTTPS

80,443

CentOS yum package mirror

OpsRamp Gateway

netapp.api.opsramp.com

Outbound

HTTPS

443

Cloud monitoring and NetApp Support tunnel connectivity

OpsRamp Gateway

140.239.76.0/24
206.80.7.128/26
63.251.89.0/24
199.250.248.0/24
74.217.75.0/24

Outbound

HTTPS

443

Cloud monitoring and NetApp Support tunnel connectivity