Baffle Manager enables encryption policies and configurations by communicating with the Baffle Shield and databases. Baffle Manager constructs a privacy schema that maps key IDs to data columns to enable encryption in a simplified manner.
The following table lists the ports that you need to open on respective systems to enable Baffle Manager communications during the deployment process.
Host |
Port Required |
Direction |
Purpose |
Baffle Manager |
22 |
Inbound |
Console access |
Baffle Manager |
80 |
Inbound |
Binary downloads |
Baffle Manager |
443 |
Inbound |
Web interface access |
Baffle Manager |
8443 |
Inbound |
Baffle Shield client access |
Baffle Manager |
8553 |
Inbound |
Baffle Shield client access. |
Baffle Manager |
22 |
Outbound |
Baffle Shield configuration |
Baffle Manager |
1433 |
Outbound |
Database schema mapping |
Baffle Manager |
5696 |
Outbound |
KeySecure access |
Baffle Shield |
22 |
Inbound |
Console and Baffle Manager access |
Baffle Shield |
8444 |
Inbound |
Application communication |
Baffle Shield |
80 |
Outbound |
Binary file retrieval from Baffle Manager |
Baffle Shield |
8555 |
Inbound |
Can be configured for Health Monitoring. |
Baffle Shield |
14331 |
Outbound |
Database access |
Baffle Shield |
5696 |
Outbound |
KeySecure access |
Database Server |
14332 |
Inbound |
Baffle Manager and Baffle Shield |
KeySecure |
5696 |
Inbound |
Baffle Manager and Baffle Shield key config and retrieval |
HashiCorp |
8200 |
Inbound |
Baffle Manager and Baffle Shield key config and retrieval |
1 For SQL Server default port communications
2 For SQL Server default port communications
Figure 5‑1. Baffle Manager Communications
Comments
Please sign in to leave a comment.