Documentation Center
AlienVault® USM Anywhere™

List of Configuration Issues in USM Anywhere

  Role Availability   Read-Only   Analyst   Manager

The following is a table that includes all configuration issues you can find in USM Anywhere.

List of Configuration Issues in USM Anywhere
Category Subcategory Protocol (Port) Description
Global access to administration port SSH TCP (22) Global access to the SSH port has been defined within this security group. This should be restricted to the IP Range of the company
Global access to internal port DNS (UDP) UDP (53) Global access to the DNS port has been defined within this security group
Global access to internal port DNS (TCP) TCP (53) Global access to the DNS port has been defined within this security group
Global access to internal port Mini SQL TCP (4333) Global access to the MSQL port has been defined within this security group. This should be an internally facing port only
Global access to internal port SQL Server (UDP Port) UDP (1434) Global access to the SQL Server port has been defined within this security group. This should be an internally facing port only
Global access to internal port SQL Server (TCP Port) TCP (1433) Global access to the SQL Server port has been defined within this security group. This should be an internally facing port only
Global access to internal port PostgreSQL Server TCP (5432) Global access to the PostgreSQL port has been defined within this security group. This should be an internally facing port only
Global access to internal port MySQL Server TCP (3306) Global access to the MySQL port has been defined within this security group. This should be an internally facing port only
Global access to internal port Syslog UDP (514) Global access to the Syslog port has been defined within this security group. This should be an internally facing port only
Global access to internal port rsync TCP (873) Global access to the rsync port has been defined within this security group. This should be an internally facing port only
Global access to internal port MongoDB (UDP) UDP (27017) Global access to the MongoDB port has been defined within this security group. This should be an internally facing port only
Global access to internal port MongoDB (TCP) TCP (27017) Global access to the MongoDB port has been defined within this security group. This should be an internally facing port only
Global access to internal port CouchDB (UDP) UDP (5984) Global access to the CouchDB port has been defined within this security group. This should be an internally facing port only
Global access to internal port CouchDB (TCP) TCP (5984) Global access to the CouchDB port has been defined within this security group. This should be an internally facing port only
Global access to administration port VNC Server TCP (5900) Global access to the VNC Server port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to administration port VNC Listener TCP (5500) Global access to the VNC Listener port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to administration port Windows RPC TCP (135) Global access to the Windows RPC port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to administration port Windows Remote Desktop TCP (3389) Global access to the Windows Remote Desktop port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to administration port Telnet TCP (23) Global access to the Telnet port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to administration port X11 (TCP) TCP (6000) Global access to the X11 port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to administration port X11 (UDP) UDP (6001) Global access to the X11 port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to service port SMTP TCP (25) Global access to the SMTP port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to service port FTP TCP (21) Global access to the FTP port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to service port FTP Data TCP (20) Global access to the FTP (data) port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to service port CIFS UDP (445) Global access to the CIFS port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to service port NetBios (Named Services) UDP (137) Global access to the NetBios (Named Services) port has been defined within this security group. This should be restricted to a company owned CIDR
Global access to service port NetBios (Datagram Services) UDP (138) Global access to the NetBios (Datagram Services) port has been defined within this security group. This should be restricted to a company owned CIDR
ICMP globally permitted ICMP ICMP ICMP is globally permitted
Global access to service port All TCP Ports Open TCP (1) All TCP ports have been explicitly permitted by this security group. Access to your system should be restricted to the minimal set of TCP ports you require to access for operation. In addition, ensure ports that are for administrative access or do not require global access should be restricted to a company owned CIDR
Global access to service port All UDP Ports Open UDP (1) All UDP ports have been explicitly permitted by this security group. Access to your system should be restricted to the minimal set of UDP ports you require to access for operation. In addition, ensure ports that are for administrative access or do not require global access should be restricted to a company owned CIDR