AlienVault® USM Anywhere™

List of Configuration Issues in USM Anywhere

Role Availability Read-Only Analyst Manager

This table includes all configuration issues you can find in USM Anywhere:

List of Configuration Issues in USM Anywhere
Category Subcategory Protocol (Port) Description
Global access to administration port SSH TCP (22) Global access to the SSHProgram to securely log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another through Secure Copy (SCP). port has been defined within this security group. This should be restricted to the IP Range of the company.
Global access to internal port DNS (UDP) UDPSimple transmission protocol that does not require recipient notification and uses datagrams for its messaging. UDP is part of the transport layer in the TCP/IP protocol. (53) Global access to the DNS port has been defined within this security group.
Global access to internal port DNS (TCP) TCP (53) Global access to the DNS port has been defined within this security group.
Global access to internal port Mini SQL TCP (4333) Global access to the MSQL port has been defined within this security group. This should be an internally facing port only.
Global access to internal port SQL Server (UDP Port) UDP (1434) Global access to the SQL Server port has been defined within this security group. This should be an internally facing port only.
Global access to internal port SQL Server (TCP Port) TCP (1433) Global access to the SQL Server port has been defined within this security group. This should be an internally facing port only.
Global access to internal port PostgreSQL Server TCP (5432) Global access to the PostgreSQL port has been defined within this security group. This should be an internally facing port only.
Global access to internal port MySQL Server TCP (3306) Global access to the MySQL port has been defined within this security group. This should be an internally facing port only.
Global access to internal port Syslog UDP (514) Global access to the Syslog port has been defined within this security group. This should be an internally facing port only.
Global access to internal port rsync TCP (873) Global access to the rsync port has been defined within this security group. This should be an internally facing port only.
Global access to internal port MongoDB (UDP) UDP (27017) Global access to the MongoDB port has been defined within this security group. This should be an internally facing port only.
Global access to internal port MongoDB (TCP) TCP (27017) Global access to the MongoDB port has been defined within this security group. This should be an internally facing port only.
Global access to internal port CouchDB (UDP) UDP (5984) Global access to the CouchDB port has been defined within this security group. This should be an internally facing port only.
Global access to internal port CouchDB (TCP) TCP (5984) Global access to the CouchDB port has been defined within this security group. This should be an internally facing port only.
Global access to administration port VNC Server TCP (5900) Global access to the VNC Server port has been defined within this security group. This should be restricted to a company owned CIDRClassless Inter-Domain Routing, which provides a method for allocating IP addresses, routing Internet protocol packets, and subdividing networks. CIDR notation provides a syntax for specifying a range of IP addresses..
Global access to administration port VNC Listener TCP (5500) Global access to the VNC Listener port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to administration port Windows RPC TCP (135) Global access to the Windows RPC port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to administration port Windows Remote Desktop TCP (3389) Global access to the Windows Remote Desktop port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to administration port Telnet TCP (23) Global access to the Telnet port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to administration port X11 (TCP) TCP (6000) Global access to the X11 port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to administration port X11 (UDP) UDP (6001) Global access to the X11 port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to service port SMTP TCP (25) Global access to the SMTP port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to service port FTP TCP (21) Global access to the FTP port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to service port FTP Data TCP (20) Global access to the FTP (data) port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to service port CIFS UDP (445) Global access to the CIFS port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to service port NetBios (Named Services) UDP (137) Global access to the NetBios (Named Services) port has been defined within this security group. This should be restricted to a company owned CIDR.
Global access to service port NetBios (Datagram Services) UDP (138) Global access to the NetBios (Datagram Services) port has been defined within this security group. This should be restricted to a company owned CIDR.
ICMP globally permitted ICMP ICMP ICMP is globally permitted.
Global access to service port All TCP Ports Open TCP (1) All TCP ports have been explicitly permitted by this security group. Access to your system should be restricted to the minimal set of TCP ports you require to access for operation. In addition, ensure ports that are for administrative access or do not require global access should be restricted to a company owned CIDR.
Global access to service port All UDP Ports Open UDP (1) All UDP ports have been explicitly permitted by this security group. Access to your system should be restricted to the minimal set of UDP ports you require to access for operation. In addition, ensure ports that are for administrative access or do not require global access should be restricted to a company owned CIDR.