https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799031#M23849 <P>&nbsp;</P><P><SPAN>"A TCP port list is created", by who'm? The general port list offered by SAS is not even available in one coherent document.</SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Sun, 27 Feb 2022 23:41:46 GMT RexDeus9 2022-02-27T23:41:46Z https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799001#M23847 <P>Hi,</P><P>&nbsp;</P><P>Just a process question I'm dealing with. With the task of deploying a new 9.4 platform, I'm currently dealing with a Network Security guy who wants to harden the server ports BEFORE the Mit-Tier server gets deployed. Shouldn't this step be done AFTER the deployment, when you can clearly analyze ALL the ports involved.</P><P>&nbsp;</P><P>The install keeps failing because some ports are not made available.</P><P>&nbsp;</P><P>Anyone experienced this? input appreciated!</P><P>&nbsp;</P><P>&nbsp;</P><P>Rex</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 27 Feb 2022 19:58:55 GMT https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799001#M23847 RexDeus9 2022-02-27T19:58:55Z https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799011#M23848 <P>For a new SAS installation, typically a TCP port list is created containing all the required ports and server network flows. If this is done correctly it shouldn't matter whether you harden before or after installation as all the firewall rules should align with your SAS servers' network traffic.</P> <P>&nbsp;</P> <P>If there are any additional installation-specific port requirements, these should be part of your implementation plan.&nbsp;&nbsp;</P> Sun, 27 Feb 2022 21:22:25 GMT https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799011#M23848 SASKiwi 2022-02-27T21:22:25Z https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799031#M23849 <P>&nbsp;</P><P><SPAN>"A TCP port list is created", by who'm? The general port list offered by SAS is not even available in one coherent document.</SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Sun, 27 Feb 2022 23:41:46 GMT https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799031#M23849 RexDeus9 2022-02-27T23:41:46Z https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799035#M23850 <P>By the team implementing the installation. This <A href="https://documentation.sas.com/doc/en/bicdc/9.4/biig/n02027intelplatform00install.htm" target="_blank" rel="noopener">doc</A> is a good starting point, but obviously it will depend on what products and SAS architecture you are using.</P> Mon, 28 Feb 2022 00:25:03 GMT https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799035#M23850 SASKiwi 2022-02-28T00:25:03Z https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799473#M23861 <P>Typically SAS servers are a part of the corporate intranet behind firewalls and accessible from within the intranet.</P> <P>Typically users cannot physically log into the servers. Typically https configuration takes post installation of mid tier.</P> <P>With this being the fact, hardening the ports is a broad statement and depends upon what your "network guy" wants to do..&nbsp;<BR />The best approach will be to approach SAS Tech Support with&nbsp; details of what your "network guy" wants to do.</P> <P>&nbsp;</P> Wed, 02 Mar 2022 01:16:45 GMT https://communities.sas.com/t5/Administration-and-Deployment/9-4-Web-server-port-hardening/m-p/799473#M23861 Sajid01 2022-03-02T01:16:45Z