Network ports

Network ports are virtual points for networking connections that allow services or applications running at different locations to talk to each other. Each port is associated with a particular service and receives or transmits communication for that specific service.

BMC Helix IT Operations Management (BMC Helix ITOM) consists of several components that use ports for communication. This topic lists the ports used by BMC Helix ITOM components.

Standard ports used for communication

Source component	Destination	Port	Direction
Local image registry. For example, Harbor registry.	BMC DTR Kubernetes container registry Google container registry	443 is the default port. You can use custom ports.	Outbound
Users or clients	Load balancer	443	Outbound
Kubernetes cluster	BMC Discovery	443	Inbound and outbound
	BMC Discovery Communication	25030 through 25033 For more information about the ports used by BMC Discovery , see System communications and network ports in the BMC Discovery documentation. For multi-nodes: Ports 443 and 25030 through 25033 from the discovery nodes to the cluster worker nodes. Ports 443 and 25030 through 25033 from the Load Balancer (LB) to the discovery nodes. Ports 443 and 25030 through 25033 from the cluster worker nodes to the Load Balancer (LB). Ports 443 and 25030 through 25033 from the cluster nodes to the discovery nodes.	Inbound and outbound
	Local image registry. For example, Harbor registry.	443, 80 The default Harbor registry port is 80 if the Secure Socket Layer (SSL) is not enabled.	Outbound
	Database server	The database port varies based on your database type and service. The TCP port 5432 is used to expose the PostgreSQL database server.	Outbound
	SMTP Server	25 is the default port. You can use custom ports. Use port 587 for encrypted email transmissions using SMTP Secure (SMTPS).	Outbound from all worker nodes
	Active Directory Server	636 is the default port. You can use custom ports.	Outbound
	Active Directory Federation Services (ADFS) server (SAML)	2500 is the default port. You can use custom ports.	Outbound
	BMC Helix IT Service Management server	Usually, 443 (https). The BMC Helix IT Service Management service port might be different for some of the customer setups and cloud deployments.	Outbound
BMC Discovery	BMC Helix Operations Management Virtual IP (Load balancer)	443	Outbound
External Load Balancer	NGINX Ingress controller	The Ingress controller service port varies based on your Kubernetes platform and the Ingress controller service.	Inbound and outbound
NGINX Ingress Controller	Kubernetes Cluster	NGINX Ingress service port from 30000-32767	Outbound
LDAP sync agent (runs on customer’s server)	LDAP server	389 This port might vary based on the configuration and cloud deployments.	Outbound
LDAP sync agent (runs on customer’s server)	Load balancer or HA proxy	443	Inbound and outbound

Ports used by specific BMC Helix ITOM components

BMC Helix Operations Management ports

Source component	Destination	Port	Direction
PATROL Agents	Load balancer	443	Inbound and outbound
Cell Gateway	BHOM	443	Inbound
Cell Gateway	Load balancer	443	Inbound and outbound

BMC Helix Continuous Optimization ports

Source component	Destination	Port	Direction
Remote ETL Engine (REE)	Load balancer	443	Outbound

BMC Helix Log Analytics and BMC Helix Developer Tools ports

Source component	Destination	Port	Direction
BMC Helix Log Analytics (BHLA) log collectors	Logs	443	Inbound

BMC Helix Intelligent Automation ports

Source component	Destination	Port	Direction
IA on-prem connector	Connects to third-party applications through REST over HTTP.	8000 (default) or 8443 (SSL)	Inbound