Component | Port | Type | Source | Target | Purpose | Remark | ||
|---|---|---|---|---|---|---|---|---|
CAF filter | 1433 | TCP | Bastion | Database | Allowing the CAF filter to load the configuration and certificate analysis details | |||
External access for bastion listening ports | 443 | TCP | * | Bastion | * | Allowing external clients to be filterd by the CAF | Configured during the initial configuration of the Bastion based on the particular integration requirement (common application such as ADFS will require 443)Permit ADFS access only to managed devices with client certificates | For Client Certificate authentication to work there must not be any SSL termination between the client device and Bastion. |
Admin Portal | 1433 | TCP | Admin Portal | Database | Allowing to configure the certificate analysis details and MDM integration | |||
Admin Portal | MDM API port | TCP | Admin Portal | MDM API | To allow integration with the API and pull managed device information | Required only in case of implementing MDM device auditing |
...