cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
RexDeus9
Quartz | Level 8 RexDeus9
Quartz | Level 8

9.4 Web server port hardening

Posted 02-27-2022 02:58 PM (285 views)

Hi,

 

Just a process question I'm dealing with. With the task of deploying a new 9.4 platform, I'm currently dealing with a Network Security guy who wants to harden the server ports BEFORE the Mit-Tier server gets deployed. Shouldn't this step be done AFTER the deployment, when you can clearly analyze ALL the ports involved.

 

The install keeps failing because some ports are not made available.

 

Anyone experienced this? input appreciated!

 

 

Rex

 

 

 

 

 

0 Likes
Reply
4 REPLIES 4
SASKiwi
Opal | Level 21 SASKiwi
Opal | Level 21

Re: 9.4 Web server port hardening

Posted 02-27-2022 04:22 PM (260 views)  |   In reply to RexDeus9

For a new SAS installation, typically a TCP port list is created containing all the required ports and server network flows. If this is done correctly it shouldn't matter whether you harden before or after installation as all the firewall rules should align with your SAS servers' network traffic.

 

If there are any additional installation-specific port requirements, these should be part of your implementation plan.  

0 Likes
Reply
RexDeus9
Quartz | Level 8 RexDeus9
Quartz | Level 8

Re: 9.4 Web server port hardening

Posted 02-27-2022 06:41 PM (250 views)  |   In reply to SASKiwi

 

"A TCP port list is created", by who'm? The general port list offered by SAS is not even available in one coherent document.

 

 

0 Likes
Reply
SASKiwi
Opal | Level 21 SASKiwi
Opal | Level 21

Re: 9.4 Web server port hardening

Posted 02-27-2022 07:25 PM (241 views)  |   In reply to RexDeus9

By the team implementing the installation. This doc is a good starting point, but obviously it will depend on what products and SAS architecture you are using.

Reply
Sajid01
Meteorite | Level 14 Sajid01
Meteorite | Level 14

Re: 9.4 Web server port hardening

Posted 03-01-2022 08:16 PM (203 views)  |   In reply to RexDeus9

Typically SAS servers are a part of the corporate intranet behind firewalls and accessible from within the intranet.

Typically users cannot physically log into the servers. Typically https configuration takes post installation of mid tier.

With this being the fact, hardening the ports is a broad statement and depends upon what your "network guy" wants to do.. 
The best approach will be to approach SAS Tech Support with  details of what your "network guy" wants to do.

 

0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

CLI in SAS Viya

Learn how to install the SAS Viya CLI and a few commands you may find useful in this video by SAS’ Darrell Barton.

Watch CLI in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 4 replies
  • ‎02-27-2022 02:58 PM
  • 286 views
  • 1 like
  • 3 in conversation