Skip to end of metadata
Go to start of metadata



Network traffic

Certain functions of the Cryptshare Server require network connections to other systems. To do this, the network, and in particular intermediate firewalls, must be configured accordingly.

Ports

Please refer to the table below for the required network traffic that has to be permitted. Be aware that most of the network ports can be configured individually (for example, the web server ports), so the actual ports may be different.

Port # (Default)

ServiceDirectionSource/Destination

Purpose

80HTTPInboundUser clients (Intranet and Internet)Access to the Cryptshare User Interface.
443HTTPSInboundUser clients (Intranet and Internet)Access to the Cryptshare User Interface.
80HTTPOutboundOS Update Repositories (Internet)

Access to update repositories for the Operation System (Appliances only).

443HTTPSOutboundCryptshare Update ServerAccess to update repositories for the Cryptshare Server Application
8080HTTPSInboundAdministrative clients (recommendation: Intranet only)Access to the Cryptshare Administration Interface.
9090HTTPInboundAdministrative clients (recommendation: Intranet only)Access to the Cryptshare Administration Interface.

22

SSHInboundAdministrative clients (recommendation: Intranet only)

Access to the operation system shell via SSH (Linux and Appliances only).

25

SMTPOutboundEmail server / SMTP relay (Intranet)

Email Delivery/Relaying for outgoing emails from the Cryptshare Server.

465SMTPSOutboundEmail server / SMTP relay (Intranet)Email Delivery/Relaying for outgoing emails from the Cryptshare Server - authenticated SMTP over TLS/SSL (SMTPS). This is only required when the Mail Server Settings are configured to use this port.
587SMTPOutboundEmail server / SMTP relay (Intranet)Email Delivery/Relaying for outgoing emails from the Cryptshare Server - email message submission (SMTP) . This is only required when the Mail Server Settings are configured to use this port.

389

LDAPOutboundLDAP server (Intranet)

LDAP queries to resolve policy rules. This is only required if the LDAP interface of Cryptshare is used.

686

LDAPSOutboundLDAP server (Intranet)

LDAP queries to resolve policy rules. This is only required if the LDAP interface of Cryptshare is used.

3268

LDAPOutboundActive Directory server (Intranet)

LDAP queries to resolve policy rules against the Global Search Catalog. This is only required if the LDAP interface of Cryptshare is used with an Active Directory and requests will be issued against the Global Search Catalog.

22SSHOutboundArchive server (Intranet)Access to the file system of the archive server. This is only required if the archiving interface (secure copy) is activated.

In addition, it may be necessary to configure an activated software firewall on the Cryptshare Server itself. On Cryptshare appliances, the integrated firewall (SuSEFirewall) is not active by default. For all other systems, please refer to the help of your operating system / software firewall.

Cookies

The Cryptshare web application uses cookies to recognize a browser session, to identify a verified user and to store additional user data. In order to ensure proper and user-friendly operation, the exchange between the browser and the Cryptshare server of the cookies described below has to be permitted.

NameScopeDescription
cs-ui-sessionUser interfaceSession cookie for the web application user interface.
client_idUser interfaceUnique ID used to differentiate different clients.
active_userUser interfaceStores which of the saved sender mail addresses is currently used.

user_email<index>

User interface

Stores details for a saved sender mail address.

These cookies exist multiple times - one for each Cryptshare user. Therefore the cookie name ends with a consecutive number, starting with 0. Examples:

user_email0

sender_phone2

sender_name<index>
sender_phone<index>
verification_token<index>
terms_of_useUser interfaceStores the date the terms of use were accepted at in order to check if they need to be accepted again after a change.
show_ccUser interfaceStores the toggle state of the "CC" button when sending a new transfer.
show_bccUser interfaceStores the toggle state of the "BCC" button when sending a new transfer.
show_download_detailsUser interfaceStores the toggle state of the details section expand button when retrieving a transfer.
cs-ai-sessionAdministration interfaceSession cookie for the web application of the administration interface.
Table of Contents




  • No labels