GigaVUE Cloud Suite for Azure
This section describes the requirements and prerequisites for configuring the . Refer to the following section for details.
Recommended Instance Type
Note: Additional instance types are also supported. Refer to Support, Sales, or Professional Services for deployment optimization.
|
Product |
Instance Type | vCPU | RAM |
|---|---|---|---|
|
GigaVUE V Series Node |
Standard_D4s_v4 |
4 vCPU |
16 GB |
|
Standard_D8S_V4 |
8 vCPU |
32 GB |
|
|
GigaVUE V Series Proxy |
Standard_B1s |
1 vCPU |
1 GB |
|
UCT-V Controller |
Standard_B1s |
1 vCPU |
1 GB |
Network Firewall Requirements for Azure
The following table lists the Network Firewall / Security Group requirements for GigaVUE Cloud Suite.
Note: When using dual stack network, the below mentioned ports must be opened for both IPv4 and IPv6.
|
Direction |
Protocol |
Port |
CIDR |
Purpose |
||||||||||||
|
GigaVUE‑FM |
||||||||||||||||
|
Inbound |
TCP |
443 |
Administrator Subnet |
Allows GigaVUE-FM to create Management connection. |
||||||||||||
|
Inbound |
TCP |
22 |
Administrator Subnet |
Allows CLI access for user-initiated management and diagnostics. |
||||||||||||
|
Inbound (This is the port used for Third Party Orchestration) |
TCP |
443 |
UCT-V Controller IP |
Allows GigaVUE-FM to receive registration requests from UCT-V Controller. |
||||||||||||
|
Inbound (This is the port used for Third Party Orchestration) |
TCP |
443 |
GigaVUE V Series Node IP |
Allows GigaVUE-FM to receive registration requests from GigaVUE V Series Node, when GigaVUE V Series Proxy is not used. |
||||||||||||
|
Inbound (This is the port used for Third Party Orchestration) |
TCP |
443 |
GigaVUE V Series Proxy IP |
Allows GigaVUE-FM to receive registration requests from GigaVUE V Series Proxy. |
||||||||||||
|
Inbound |
TCP |
5671 |
GigaVUE V Series Node IP |
Allows GigaVUE‑FM to receive traffic health updates from GigaVUE V Series Nodes. |
||||||||||||
|
Inbound |
TCP |
5671 |
UCT-V or Subnet IP |
Allows GigaVUE‑FM to receive statistics from Next Generation UCT-V. |
||||||||||||
|
Inbound |
UDP |
2056 |
GigaVUE V Series Node IP |
Allows GigaVUE‑FM to receive Application Intelligence and Application Visualization reports from GigaVUE V Series Node. |
||||||||||||
|
Outbound |
TCP |
9900 |
GigaVUE‑FM IP |
Allows GigaVUE‑FM to communicate control plane and data plane traffic with UCT-V Controller |
||||||||||||
|
Outbound (optional) |
TCP |
8890 |
GigaVUE V Series Proxy IP |
Allows GigaVUE‑FM to communicate control plane and data plane traffic to GigaVUE V Series Proxy |
||||||||||||
|
Outbound |
TCP |
8889 |
GigaVUE V Series Node IP |
Allows GigaVUE‑FM to communicate control plane and data plane traffic to GigaVUE V Series Node |
||||||||||||
|
Outbound |
TCP |
443 |
GigaVUE-FM IP Address |
Allows GigaVUE‑FM to reach the Public Cloud Platform APIs. |
||||||||||||
|
Outbound |
TCP |
8443 |
UCT-C Controller IP Address |
Allows GigaVUE‑FM to communicate with UCT-C Controller |
||||||||||||
|
UCT-V Controller |
||||||||||||||||
|
Inbound |
TCP |
9900 |
GigaVUE‑FM IP |
Allows UCT-V Controller to communicate with GigaVUE‑FM |
||||||||||||
|
Inbound (This is the port used for Third Party Orchestration) |
TCP |
8891 |
UCT-V or Subnet IP |
Allows UCT-V Controller to receive the registration requests from UCT-V. |
||||||||||||
|
Inbound |
TCP |
22 |
Administrator Subnet |
Allows CLI access for user-initiated management and diagnostics, specifically when using third party orchestration. |
||||||||||||
|
Outbound (This is the port used for Third Party Orchestration) |
TCP |
443 |
GigaVUE‑FM IP |
Allows UCT-V Controller to send the registration requests to GigaVUE-FM |
||||||||||||
|
Outbound |
TCP |
9901 |
UCT-V Controller IP |
Allows UCT-V Controller to communicate with UCT-Vs. |
||||||||||||
|
Outbound |
TCP |
5671 |
GigaVUE-FM IP |
Allows UCT-V Controller to send traffic health updates to GigaVUE‑FM. |
||||||||||||
|
UCT-V |
||||||||||||||||
|
Inbound |
TCP |
9901 |
UCT-V Controller IP |
Allows UCT-V to receive stateful communication from UCT-V Controller |
||||||||||||
|
Outbound (This is the port used for Third Party Orchestration) |
TCP |
8891 |
UCT-V or Subnet IP |
Allows UCT-V to communicate with UCT-V Controller for registration and Heartbeat |
||||||||||||
|
Outbound |
|
VXLAN (default 4789) |
UCT-V or Subnet IP |
Allows UCT-V to (VXLAN/L2GRE) tunnel traffic to V Series nodes |
||||||||||||
|
Outbound |
TCP |
11443 |
UCT-V subnet |
Allows UCT-V to securely transfer the traffic to GigaVUE V Series Node |
||||||||||||
|
Outbound |
TCP |
9900 |
UCT-V Controller IP |
Allows UCT-V to send traffic health updates to UCT-V Controller. |
||||||||||||
|
GigaVUE V Series Proxy (optional) |
||||||||||||||||
|
Inbound |
TCP |
8890 |
GigaVUE‑FM IP |
Allows GigaVUE‑FM to communicate with GigaVUE V Series Proxy |
||||||||||||
|
Inbound (This is the port used for Third Party Orchestration) |
TCP |
8891 |
GigaVUE V Series Node IP |
Allows GigaVUE V Series Proxy to receive registration requests and heartbeat messages from GigaVUE V Series Node. |
||||||||||||
|
Inbound |
TCP |
22 |
Administrator Subnet |
Allows CLI access for user-initiated management and diagnostics, specifically when using third party orchestration. |
||||||||||||
|
Outbound |
TCP |
443 |
GigaVUE-FM IP |
Allows GigaVUE V Series Proxy to communicate the registration requests to GigaVUE-FM |
||||||||||||
|
Outbound |
TCP |
8889 |
GigaVUE V Series Node IP |
Allows GigaVUE V Series Proxy to communicate with GigaVUE V Series Node |
||||||||||||
|
GigaVUE V Series Node |
||||||||||||||||
|
Inbound |
TCP |
8889 |
GigaVUE-FM IP |
Allows GigaVUE V Series Node to communicate with GigaVUE-FM |
||||||||||||
|
Inbound |
TCP |
8889 |
GigaVUE V Series Proxy IP |
Allows GigaVUE V Series Node to communicate with GigaVUE V Series Proxy. |
||||||||||||
|
Inbound |
|
|
UCT-V or Subnet IP |
Allows GigaVUE V Series Node to (VXLAN/L2GRE) tunnel traffic to UCT-V. |
||||||||||||
|
Inbound |
UDPGRE |
4754 |
Ingress Tunnel |
Allows GigaVUE V Series Node to communicate and tunnel traffic from UDPGRE Tunnel |
||||||||||||
|
Inbound |
TCP |
22 |
Administrator Subnet |
Allows CLI access for user initiated management and diagnostics, specifically when using third party orchestration. |
||||||||||||
|
Outbound |
TCP |
5671 |
GigaVUE-FM IP |
Allows GigaVUE V Series Node to send traffic health updates to GigaVUE‑FM |
||||||||||||
|
Outbound |
|
VXLAN (default 4789) |
Tool IP |
Allows GigaVUE V Series Node to communicate and tunnel traffic to the tool |
||||||||||||
|
Outbound |
UDP |
2056 |
GigaVUE-FM IP |
Allows GigaVUE V Series Node to send Application Intelligence, Application Visualization reports to GigaVUE-FM |
||||||||||||
|
Outbound |
UDP |
2055 |
Tool IP |
Allows GigaVUE V Series Node to send NetFlow traffic to external tool. |
||||||||||||
|
Outbound |
UDP |
514 |
Tool IP |
Allows GigaVUE V Series Node to send Application Metadata Intelligence log messages to external tool. |
||||||||||||
|
Outbound (optional) |
ICMP |
|
Tool IP |
Allows GigaVUE V Series Node to send health check tunnel destination traffic |
||||||||||||
|
Outbound (This is the port used for Third Party Orchestration) |
TCP |
8891 |
GigaVUE V Series Proxy IP |
Allows GigaVUE V Series Node to send registration requests and heartbeat messages to GigaVUE V Series Proxy when GigaVUE V Series Proxy is used. |
||||||||||||
|
Outbound (This is the port used for Third Party Orchestration) |
TCP |
443 |
GigaVUE-FM IP Address |
Allows GigaVUE V Series Node to send registration requests and heartbeat messages to GigaVUE-FM when GigaVUE V Series Proxy is not used. |
||||||||||||
|
Bidirectional |
TCP |
11443 |
GigaVUE V Series Node subnet |
Allows to securely transfer the traffic in between GigaVUE V Series Nodes. |
||||||||||||
|
Universal Cloud Tap - Container deployed inside Kubernetes worker node |
||||||||||||||||
|
Outbound |
TCP |
42042 |
Any IP address |
Allows UCT-C to send statistics to UCT-C Controller. |
||||||||||||
|
UCT-C Controller deployed inside Kubernetes worker node |
||||||||||||||||
|
Inbound |
TCP |
8443 (configurable) |
Any IP address |
Allows UCT-C Controller to communicate with GigaVUE-FM |
||||||||||||
|
Outbound |
TCP |
5671 |
Any IP address |
Allows UCT-C controller to send statistics to GigaVUE-FM. |
||||||||||||
|
Outbound |
TCP |
VXLAN (default 4789) |
Any IP address |
Allows UCT-C Controller to communicate and tunnel traffic to the tool |
||||||||||||
|
Outbound |
TCP |
443 |
Any IP address |
Allows UCT-C Controller to communicate with GigaVUE-FM |
||||||||||||
