Flow matrix
| Protocol | Source | Destination | Destination Port(s) | Mandatory | Usage |
|---|---|---|---|---|---|
| TCP | avalon_production | Devices Management Network | 22 | Yes | Application access to the devices management network |
| TCP | Network administrator workstations | avalon_production | 22, 443, 8443 | Yes | Access for the customer team to the VA/VM, Avalon Manager, and the application |
| TCP | avalon_production | Avalon releases server (FQDN communicated during onboarding) | 443 | No | Retrieval of Docker images needed for application functionality (filtering on customer's public IPs) |
| TCP | VPN / Bastion Network | avalon_production | 22, 443, 8443 | No | Access for the Avalon team to the VA/VM, Avalon Manager, and the application |
| UDP | Devices Management Network | avalon_production | 67 | No | DHCP for ZTP/ZTR |
| UDP | Devices Management Network | avalon_production | 69 | No | TFTP for ZTP/ZTR and NOS(*) upgrades |
| UDP | Devices Management Network | avalon_production | 514 | No | Syslog for log collection and alarm configuration on events |
| TCP | avalon_production | Customer's LDAP servers | 389, 636 | No | User authentication based on LDAP |
| TCP | avalon_production | Customer's mail servers | 25, 587 | No | Sending emails at the end of scheduled services or alerts on detected log events |
| TCP | avalon_production | Customer's configuration storage server | 22, 445 | No | Automatic transfer of configuration backups to an internal server |
(*) Note: NOS stands for Network Operating System.
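The matrix is directional and protocol-specific, so it can serve as an allow-list when reviewing firewall or flow logs. The sketch below is an added example, not part of the Avalon documentation: the subnets, the sample flow records and the names `zone_of`, `classify` and `audit` are assumptions made for illustration.

```python
import ipaddress

# Constructed addressing (assumption); replace with the real subnet of each zone.
ZONES = {
    "avalon_production": "10.10.0.10/32",
    "Devices Management Network": "10.20.0.0/16",
    "Network administrator workstations": "10.30.0.0/24",
    "VPN / Bastion Network": "10.40.0.0/24",
    "Avalon releases server": "203.0.113.10/32",
    "Customer's LDAP servers": "10.50.0.0/28",
    "Customer's mail servers": "10.50.1.0/28",
    "Customer's configuration storage server": "10.50.2.5/32",
}
AVALON = "avalon_production"
# (protocol, source zone, destination zone, ports, mandatory); the three UDP rows are merged.
MATRIX = [
    ("tcp", AVALON, "Devices Management Network", {22}, True),
    ("tcp", "Network administrator workstations", AVALON, {22, 443, 8443}, True),
    ("tcp", AVALON, "Avalon releases server", {443}, False),
    ("tcp", "VPN / Bastion Network", AVALON, {22, 443, 8443}, False),
    ("udp", "Devices Management Network", AVALON, {67, 69, 514}, False),
    ("tcp", AVALON, "Customer's LDAP servers", {389, 636}, False),
    ("tcp", AVALON, "Customer's mail servers", {25, 587}, False),
    ("tcp", AVALON, "Customer's configuration storage server", {22, 445}, False),
]

def zone_of(ip):
    addr = ipaddress.ip_address(ip)
    return next((z for z, net in ZONES.items() if addr in ipaddress.ip_network(net)), None)

def classify(proto, src_ip, dst_ip, dport):
    """'mandatory' or 'optional' when a matrix row covers the flow, else 'unlisted'."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    for p, s, d, ports, mandatory in MATRIX:
        if (p, s, d) == (proto, src, dst) and dport in ports:
            return "mandatory" if mandatory else "optional"
    return "unlisted"

def audit(flows):
    return [f for f in flows if classify(*f) == "unlisted"]

# Constructed flow records: (protocol, source IP, destination IP, destination port).
SAMPLE_FLOWS = [
    ("tcp", "10.30.0.7", "10.10.0.10", 8443),  # admin workstation to Avalon Manager
    ("tcp", "10.20.4.1", "10.10.0.10", 22),    # device to application: reverse of row 1
    ("tcp", "10.20.4.1", "10.10.0.10", 514),   # syslog is listed for UDP only
    ("udp", "10.20.4.1", "10.10.0.10", 514),   # device syslog, optional row
    ("tcp", "192.0.2.50", "10.10.0.10", 443),  # source outside every zone
]
```

`audit(SAMPLE_FLOWS)` returns the three records that no row of the matrix covers: the reversed SSH flow, syslog over TCP, and the HTTPS connection from an address outside every zone.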