The following diagram illustrates deploying BMC Cloud Lifecycle Management 3.1 in a secure multi-tier network topology. This restricts each component's open ports and allows communication only where necessary for product functionality. The majority of the ports are customer defined, but the following figure shows a specific set of ports that is documented in the port mappings.
For this secure deployment, each component needs a separate subnet with firewalls set up between each subnet to restrict traffic. You must enable only the ports shown; all other ports or connections must be blocked.