Avaya Port Matrix: Integrated Management 4.0

Compas ID 126659
Issue 1
March 2007

ALL INFORMATION IS BELIEVED TO BE CORRECT AT THE TIME OF PUBLICATION AND IS PROVIDED "AS IS". AVAYA INC. DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND FURTHERMORE, AVAYA INC. MAKES NO REPRESENTATIONS OR WARRANTIES THAT THE INFORMATION PROVIDED HEREIN WILL ELIMINATE SECURITY THREATS TO CUSTOMERS’ SYSTEMS. AVAYA INC., ITS RELATED COMPANIES, DIRECTORS, EMPLOYEES, REPRESENTATIVES, SUPPLIERS OR AGENTS MAY NOT, UNDER ANY CIRCUMSTANCES BE HELD LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, PUNITIVE, EXEMPLARY, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OF THE INFORMATION PROVIDED HEREIN. THIS INCLUDES, BUT IS NOT LIMITED TO, THE LOSS OF DATA OR LOSS OF PROFIT, EVEN IF AVAYA WAS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. YOUR USE OF THIS INFORMATION CONSTITUTES ACCEPTANCE OF THESE TERMS.

© 2007 Avaya Inc. All Rights Reserved. All trademarks identified by the ® or ™ are registered trademarks or trademarks, respectively, of Avaya Inc. All other trademarks are the property of their respective owners.

Avaya – Proprietary & Confidential. Use pursuant to the terms of your signed agreement or Avaya policy.

Avaya Port Matrix for Integrated Management 4.0

Defining TCP/IP Ports

What are ports and how are they used?

TCP and UDP use ports (defined at http://www.iana.org/assignments/port-numbers) to route traffic arriving at a particular IP device to the correct upper layer application. These ports are logical descriptors (numbers) that help devices multiplex and demultiplex information streams.

Consider your desktop PC. Multiple applications may be simultaneously receiving information. In this example, email may use destination TCP port 25, a browser may use destination TCP port 80 and a telnet session may use destination TCP port 23.
These logical ports allow the PC to de-multiplex a single incoming serial data packet stream into three mini-streams inside the PC. Furthermore, each of the mini-streams is directed to the correct high-level application because the port numbers identify which application each data mini-stream belongs to.

Every IP device has incoming (Ingress) and outgoing (Egress) data streams. Ports are used in TCP and UDP to name the ends of logical connections which carry data flows. TCP and UDP streams have an IP address and port number for both source and destination IP devices. The pairing of an IP address and a port number is called a socket (discussed later). Therefore, each data stream is uniquely identified with two sockets. Source and destination sockets must be known by the source before a data stream can be sent to the destination.

Some destination ports are “open” to receive data streams and are called “listening” ports. Listening ports actively wait for a source (client) to make contact with a destination (server) using a specific port that has a known protocol associated with that port number. HTTPS, as an example, is assigned port number 443. When a destination IP device is contacted by a source device using port 443, the destination uses the HTTPS protocol for that data stream conversation.

Port Type Ranges

Port numbers are divided into three ranges: Well Known Ports, Registered Ports, and Dynamic Ports (sometimes called Private Ports).

Well Known Ports are those numbered from 0 through 1023.
Registered Ports are those numbered from 1024 through 49151.
Dynamic Ports are those numbered from 49152 through 65535.

The Well Known and Registered ports are assigned by IANA (Internet Assigned Numbers Authority) and are found here: http://www.iana.org/assignments/port-numbers.

Well Known Ports

For the purpose of providing services to unknown clients, a service listen port is defined. This port is used by the server process as its listen port.
Common services often use listen ports in the well known port range. A well known port is normally active, meaning that it is “listening” for any traffic destined for a specific application. For example, well known port 23 on a server is actively waiting for a data source to contact the server IP address using this port number to establish a Telnet session. Well known port 25 is waiting for an email session, etc. These ports are tied to a well understood application and range from 0 to 1023. In UNIX and Linux operating systems, only root may open or close a well-known port. Well Known Ports are also commonly referred to as “privileged ports”.

Registered Ports

Unlike well known ports, these ports are not restricted to the root user. Less common services register ports in this range. Avaya uses ports in this range for call control. Some, but not all, ports used by Avaya in this range include: 1719/1720 for H.323, 5060/5061 for SIP, 2944 for H.248 and others. The registered port range is 1024 – 49151. Even though a port is registered with an application name, industry often uses these ports for different applications. Conflicts can occur in an enterprise when a port with one meaning is used by two servers with different meanings.

Dynamic Ports

Dynamic ports, sometimes called “private ports”, are available to use for any general purpose. This means there are no meanings associated with these ports (similar to RFC 1918 IP Address Usage). These are the safest ports to use because no application types are linked to these ports. The dynamic port range is 49152 – 65535.

Sockets

A socket is the pairing of an IP address with a port number. An example would be 192.168.5.17:3009, where 3009 is the port number associated with the IP address. A data flow, or conversation, requires two sockets – one at the source device and one at the destination device.
The data flow then has two sockets with a total of four logical elements. Each data flow must be unique. If one of the four elements is unique, the data flow is unique. The following three data flows are uniquely identified by port number and/or IP address.

Data Flow 1: 172.16.16.14:1234 - 10.1.2.3:2345
Data Flow 2: 172.16.16.14:1235 - 10.1.2.3:2345
Data Flow 3: 172.16.16.14:1234 - 10.1.2.4:2345

Data flow 1 has two different port numbers and two different IP addresses and is a valid and typical socket pair. Data flow 2 has the same IP addresses and the same port number on the second IP address as data flow 1, but since the port number on the first socket differs, the data flow is unique. Therefore, if one IP address octet changes, or one port number changes, the data flow is unique.

Below is an example showing ingress and egress data flows from a PC to a web server.

Socket Example Diagram
Client to Web Server (HTTP-Get): Source 192.168.1.10:1369, Destination 10.10.10.47:80
Web Server to Client (TCP-info): Source 10.10.10.47:80, Destination 192.168.1.10:1369

Notice the client egress stream includes the client’s source IP and port (1369) and the destination IP and port (80). The ingress stream has the source and destination information reversed because the ingress is coming from the server.

Avaya Server and Sockets

Data flows and their sockets may be directed by a server but for the purposes of firewall configuration, these sockets are NOT sourced from the server. The source will be another network element such as a CLAN circuit pack, a gateway VoIP engine or other elements. Therefore, the following port matrix will list these Avaya elements as the source and not the server.
Understanding Firewall Types and Policy Creation

Firewall Types

There are three basic firewall types:

Packet Filtering
Application Level Gateways (Proxy Servers)
Hybrid (Stateful Inspection)

Packet Filtering is the most basic form of firewall. Each packet that arrives or leaves the network has its header fields examined against criteria to either drop the packet or let it through. Routers configured with Access Control Lists (ACL) use packet filtering. An example of packet filtering is preventing any source device on the Engineering subnet from telnetting into any device in the Accounting subnet.

Application level gateways (ALG) act as a proxy, preventing a direct connection between the foreign device and the internal destination device. ALGs filter each individual packet rather than blindly copying bytes. ALGs can also send alerts via email, alarms or other methods and keep log files to track significant events.

Hybrid firewalls are dynamic systems, tracking each connection traversing all interfaces of the firewall and making sure they are valid. In addition to looking at headers, the contents of the packet, up through the application layer, are examined. A stateful inspection firewall also monitors the state of the connection and compiles the information in a state table. Stateful inspection firewalls close off ports until the connection to the specific port is requested. This is an enhancement to security against port scanning [1].

Firewall Policies

The goals of firewall policies are to monitor, authorize and log data flows and events. They also restrict access using IP addresses, port numbers and application types and sub-types. This paper focuses on identifying the port numbers used by Avaya products so effective firewall policies can be created without disrupting business communications or opening unnecessary access into the network.
Knowing that the source column in the following matrices is the socket initiator is key in building some types of firewall policies. Some firewalls can be configured to automatically create a return path through the firewall if the initiating source is allowed through. This option removes the need to enter two firewall rules, one for each stream direction, but can also raise security concerns.

Another feature of some firewalls is to create an umbrella policy that allows access for many independent data flows using a common higher layer attribute. One example would be creating a policy to allow any H.323 data flows through the firewall. This umbrella policy would allow H.225, H.245, H.248, RTCP and RTP streams to flow through the firewall without specifying specific port ranges for each of these protocols.

Finally, many firewall policies can be avoided by placing endpoints and the servers that serve those endpoints in the same firewall zone.

[1] The act of systematically scanning a computer's ports. Since a port is a place where information goes into and out of a computer, port scanning identifies open doors to a computer. Port scanning has legitimate uses in managing networks, but port scanning also can be malicious in nature if someone is looking for a weakened access point to break into your computer.

Matrix Headings Defined

Source Initiator: The device or application initiating a data flow.
Source Port(s): This is the default port(s) used by the source device or application. Valid values include: 0 – 65535.
Destination Receiver: The device or application receiving a data flow from a source.
Destination Port(s): This is the default port(s) used at the device or application responding to an initiator. Valid values include: 0 – 65535.
Network / Application Protocol: Labels of the network and application protocols used.
Destination Configurable: “Yes” means the destination port is configurable. “No” means the destination port is not configurable. Valid values include: Yes or No.
Range: If populated, this field lists the range of ports that can be used by the destination. The range may or may not be configurable. Valid values include: 0 – 65535.
Source Configurable: “Yes” means the source port is configurable. “No” means the source port is not configurable. Valid values include: Yes or No.
Range: If populated, this field lists the range of ports that can be used by the source. The range may or may not be configurable. Valid values include: 0 – 65535.
Traffic Purpose: Describes the purpose of the data flow.
Comments: Important comments.

1. Avaya Product - Integrated Management 4.0
Software Release/Version: 4.0
Hardware Release/Version: N/A

| No. | Source Initiator | Source Port(s) | Destination Receiver | Destination Port(s) | Network / Application Protocol | Destination Configurable? | Destination Range | Source Configurable? | Source Range | Traffic Purpose (Comments) |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | IP Phones | 2049 - 3027 | VMM Server | 5005 | UDP / RTCP | Yes | 1024 - 65535 | Yes | 1024 - 65535 | IP Phones send IP statistics to the VMM Server |
| 2 | Medpro Boards | 2049 - 3027 | VMM Server | 5005 | UDP / RTCP | Yes | 1024 - 65535 | Yes | 1024 - 65535 | Medpro boards send IP statistics to the VMM Server |
| 3 | Media Gateways | 5005 | VMM Server | 5005 | UDP / RTCP | Yes | 1024 - 65535 | Yes | 1024 - 65535 | Media Gateways send IP statistics to the VMM Server |
| 4 | VMM Server and Monitor | 1024+ | SQL Database | 1433 | TCP / SQL | No | | No | | Used to access the SQL database |
| 5 | VMM Client | 1024+ | VMM Server | 1099, 49177, 51173, 63006 | TCP / RMI | No | | No | | VMM Client to Server communication; first available port of the four is used (Note: VMM Client can be configured to tunnel RMI via HTTP) |
| 6 | VMM Server | 1024+ | VMM Monitor | 27015 | TCP / custom | Yes | 1024 - 65535 | Yes | 1024 - 65535 | Used by VMM Server to configure the VMM Monitor |
| 7 | WebLM | 1024+ | Tomcat | 21213 | TCP / HTTP | Yes | 1024 - 65535 | Yes | 1024 - 65535 | Used by WebLM to communicate to Tomcat Web/Servlet Server |
| 8 | PIM | 1024+ | JBOSS | 2784 – 2789 | TCP / RMI | Yes | 1024 - 65535 | No | | Used by JBOSS on PIM server |
| 9 | PIM | 1024+ | Tomcat | 2020 | TCP / HTTP | Yes | 1024 - 65535 | No | | Used by PIM to communicate to Tomcat Web/Servlet Server; Part of JBOSS Installation |
| 10 | Network Management | 1024+ | Multiple | 2843 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as cv.jum.rmi.port |
| 11 | Network Management | 1024+ | Multiple | 2401 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as cv.launcher.port |
| 12 | Network Management | 1024+ | Multiple | 2402 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as llm.clients.port |
| 13 | Network Management | 1024+ | Multiple | 2403 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as fileaccess.rmi.port |
| 14 | Network Management | 1024+ | Multiple | 2404 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as userver.rmi.port |
| 15 | Network Management | 1024+ | Multiple | 2405 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as llm.servers.port |
| 16 | Network Management | 1024+ | Multiple | 2406 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as userver.socket.port |
| 17 | Network Management | 1024+ | Multiple | 2407 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as service.smuserdb.port |
| 18 | Network Management | 1024+ | Multiple | 2408 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as service.snmpinfo.port |
| 19 | Network Management | 1024+ | Multiple | 2409 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as smon.rmi.port |
| 20 | Network Management | 1024+ | Multiple | 2410 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as nmlogin.local.port |
| 21 | Network Management | 1024+ | Multiple | 2411 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as nmlogin.remote.port |
| 22 | Network Management | 1024+ | Multiple | 2412 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as nmlogin.rmi.port |
| 23 | Network Management | 1024+ | Multiple | 2413 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as llm.fileaccess.port |
| 24 | Network Management | 1024+ | Multiple | 2500 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as smServer.rmi.port |
| 25 | Network Management | 1024+ | Multiple | 2330 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as amServer.rmi.port |
| 26 | Network Management | 1024+ | Multiple | 2331 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as amProcess.rmi.port |
| 27 | Network Management | 1024+ | Multiple | 2332 | TCP / Multiple | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as llm.amClient.port |
| 28 | Network Management | 1024+ | Multiple | 2900 - 2950 | TCP / RMI | Yes | 1024 - 65535 | No | | Used for Client access, RMI, Login, Database, and Trap services; defined as rmiport.min and rmiport.max |
| 29 | JBOSS | 1024+ | NM Server | 62080, 62005, 62099, 62098, 62444, 62455, 62083, 62093, 62873 | TCP / RMI | Yes | 1024 - 65535 | No | | JBoss inner ports and RMI/HTTP/Naming ports |
| 30 | NM Client | 1024+ | NM Server | 1980 | TCP / Multiple | Yes | 1024 - 65535 | No | | Multi-Socket port |
| 31 | Trap Manager | 1024+ | NM Server | 6169 | TCP / RMI | Yes | 1024 - 65535 | No | | RMI port for Trap Manager |
| 32 | VMM Server | 1024+ | Network Management System | 162 | UDP / SNMP | No | | No | | Optional – needed for VMM SNMP Traps |
| 33 | Management PC | 1024+ | Tomcat | 80 | TCP / HTTP | Yes | 1024 - 65535 | No | | Tomcat Servlet Container |
| 34 | Management PC | 1024+ | Apache | 8080 | TCP / HTTP | Yes | 1024 - 65535 | No | | Apache Web Server |
| 35 | Management PC | 1024+ | Apache | 443 | TCP / HTTPS | No | | No | | Apache Secure Web Server |
| 36 | Management PC | 1024+ | Windows Server | 22 | TCP / SSH | No | | No | | Incoming SSH access |
| 37 | Management PC | 1024+ | Windows Server | 23 | TCP / Telnet | No | | No | | Optional: Incoming Telnet |
| 38 | Management PC | 1024+ | Windows Server | 21 | TCP / FTP | No | | No | | Optional: Incoming FTP |
| 39 | VMM, Network Management Console | 1024+ | NMS, Communication Manager and other SNMP devices | 161 | UDP / SNMP | No | | No | | SNMP access for Management |
| 40 | Communication Manager and other SNMP devices | 1024+ | Network Management Console | 162 | UDP / SNMP | No | | No | | SNMP Traps |
| 41 | ASA | 1024+ | Voice Mail Servers (e.g. Intuity Audix) | 23 | TCP / Telnet | No | | No | | Telnet access to Voice Mail Servers |
| 42 | ASA | 1024+ | Voice Mail Servers (e.g. Intuity Audix) | 22 | TCP / SSH | No | | No | | SSH access to Voice Mail Servers |
| 43 | ASA/VAM | 1024+ | Customer-provided Email Server | 21 | TCP / SMTP | No | | No | | Email server access |
| 44 | VAM | 1024+ | TN2401AP Boards and Media Gateways | 20, 21 | TCP / FTP | No | | No | | For file transfer of announcement *.wav files to Media Gateways and TN2501AP boards |
| 45 | VAM | 1024+ | TN2401AP Boards | 22 | TCP / SFTP | No | | No | | For secure file transfer (SFTP) to TN2501AP boards |
| 46 | VAM | 1024+ | Media Gateways (G250, G350) | 161 | UDP / SNMP | No | | No | | For sending SNMP commands to retrieve announcement *.wav files |
| 47 | VAM | 1024+ | VAM | 65530 | TCP / custom | No | | No | | Used to determine if an instance of VAM is already running; prevents a second instance from being initiated |
| 48 | Network Management Console, ASA, VAM | 1024+ | Communication Manager | 5022 | TCP / SSH | No | | No | | Secure SAT Service ports on Linux-based Voice Systems |
| 49 | Network Management Console, ASA, VAM | 1024+ | Communication Manager | 5023 | TCP / Telnet | No | | No | | Un-secure SAT Service ports on Linux-based Voice Systems |
| 50 | ASA, VAM | 1024+ | Communication Manager | 5000 | TCP / Telnet | Yes | 5000 - 9999 | No | | Un-secure SAT Service ports on Oryx/Pecos-based Voice Systems through CLAN ports |
| 51 | ASA | 1024+ | Modular Messaging (non-secure) | 389 | TCP / LDAP | No | | No | | Un-secure LDAP connection to Modular Messaging for administration of subscribers |
| 52 | ASA | 1024+ | Modular Messaging (secure) | 636 | TCP / LDAPS | No | | No | | Secure LDAP connection to Modular Messaging for administration of subscribers |

Notes:

Port Summary:

Ingress: This indicates data flowing INTO the product defined in the matrix.
Egress: This indicates data flowing away FROM the product defined in the matrix.
Port(s): This is the layer-4 port number. Valid values include: 0 – 65535. Note all ports listed are destination ports.
Network/Application Protocol: This is the name associated with the layer-4 protocol and layers-5-7 application.
Optionally Enabled / Disabled: This field indicates whether customers can enable or disable a layer-4 port changing its default port setting. Valid values include: Yes or No.
No means the default port state cannot be changed (e.g. enable or disabled).
Yes means the default port state can be changed and that the port can either be enabled or disabled.
Default Port State: A port is either open, closed, filtered or N/A.
Open ports will respond to queries.
Closed ports may or may not respond to queries and are only listed when they can be optionally enabled.
Filtered ports can be open or closed. Filtered UDP ports will not respond to queries. Filtered TCP will respond to queries, but will not allow connectivity.
N/A is used for the egress default port state since these are not listening ports on the product.

Avaya Port Summary

Ingress

| No. | Port(s) | Network / Application Protocol | Optionally Enabled / Disabled? | Default Port State |
|---|---|---|---|---|
| 1 | 21 | TCP / FTP | Yes | Open |
| 2 | 22 | TCP / SSH | Yes | Open |
| 3 | 23 | TCP / Telnet | Yes | Open |
| 4 | 80 | TCP / HTTP | Yes | Open |
| 5 | 161 | UDP / SNMP | Yes | Open |
| 6 | 162 | UDP / SNMP | Yes | Open |
| 7 | 443 | TCP / HTTPS | Yes | Open |

Egress

| No. | Port(s) | Network / Application Protocol | Optionally Enabled / Disabled? | Default Port State |
|---|---|---|---|---|
| 1 | 20 | TCP / FTP | Yes | Open |
| 2 | 21 | TCP / FTP | Yes | Open |
| 3 | 22 | TCP / SSH | Yes | Open |
| 4 | 23 | TCP / Telnet | Yes | Open |
| 5 | 25 | TCP / SMTP | Yes | Open |
| 6 | 161 | UDP / SNMP | Yes | Open |
| 7 | 162 | UDP / SNMP | Yes | Open |
| 8 | 389 | TCP / LDAP | Yes | Open |
| 9 | 636 | TCP / LDAPS | Yes | Open |

Column Descriptions

Ingress -- data flows coming into the product.
Egress -- data flows leaving the product.
Port(s) – Logical number(s) at OSI layer-4. Valid values include: 0 – 65535
Network / Application Protocol – Top layer protocol. i.e. RTP, HTTP, etc.
Optionally Enabled/Disabled – indicates whether customers can enable or disable a layer-4 port changing its default port setting. Valid values include: Yes or No.
Default Port State: Valid Values include: Open, Closed, Filtered or N/A

The port numbers are assigned by IANA (Internet Assigned Numbers Authority) and are found here: http://www.iana.org/assignments/port-numbers

IP Protocol Summary:

IP Protocol Number: This is the layer-3 or layer-4 protocol number. Valid values include: 0 – 255.
IP Protocol Name: This is the name associated with the layer-3 protocol or layer-4 port number. Examples are ICMP, TCP, UDP, IGMP, etc.
Optionally Enabled / Disabled: This field indicates whether customers can enable or disable a layer-3 protocol from its default setting. Valid values are: Yes or No.
No means the default protocol state cannot be changed (e.g. enable or disabled).
Yes means the default protocol state can be changed and that the protocol can either be enabled or disabled.
Default Protocol State: A protocol is open, closed or filtered. Open will respond to queries whereas filtered is open, but will not respond. Valid values include: Open, Closed or Filtered. For brevity, closed protocols are not listed unless they can be optionally enabled.
Open protocols will respond to queries.
Closed protocols may or may not respond to queries and are only listed when they can be optionally enabled.
Filtered protocols can be open or closed.

Avaya IP Protocol Summary

| No. | IP Protocol Number | IP Protocol Name | Optionally Enabled / Disabled? | Default Protocol State |
|---|---|---|---|---|
| 1 | 6 | TCP | No | Open |
| 2 | 17 | UDP | No | Open |

Column Description

IP Protocol Number – Logical number at OSI layer-3 or layer-4. Valid values include: 0 – 255
IP Protocol Name – OSI layer 3 & 4. i.e. ICMP, TCP, UDP, IGMP
Optionally Enabled/Disabled – indicates whether customers can enable or disable a layer-3 or layer-4 protocol changing its default protocol setting.
Default Protocol State: Valid Values include: Open, Closed or Filtered

The protocol numbers are assigned by IANA (Internet Assigned Numbers Authority) and are found here: http://www.iana.org/assignments/protocol-numbers

Additional Information:

This paper additionally provides information on what the Integrated Management software configures on the customer-provided Windows Server. It covers the following:

o Installed Files, Default Directory Locations and Registry Entries

This paper attempts to provide the customer with relevant information about the Integrated Management Windows-based applications in order for customers to make an assessment of the necessary protocols and services needed to run on their Windows server.
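
The Python sketch below is an added example, not part of the Avaya document. It loads a few rows copied from the port matrix above (comments shortened), treats the Source Initiator column as the only side allowed to open a connection, and lists the rows the matrix itself labels "Optional" or "Un-secure" so they can be reviewed before a policy is written. The rule text is a neutral pseudo-syntax rather than any firewall's own, and reading "1024+" as 1024 through 65535 is an assumption.

```python
import re
from typing import List, NamedTuple, Optional, Tuple


class Row(NamedTuple):
    num: int          # row number in the port matrix
    initiators: str   # "Source Initiator" cell, comma-separated when several
    receiver: str     # "Destination Receiver" cell
    dst_ports: str    # "Destination Port(s)" cell as printed
    transport: str    # TCP or UDP
    app: str          # application protocol
    comment: str      # "Traffic Purpose (Comments)" cell, shortened


# Subset of rows copied from the matrix; names are used exactly as printed.
_NMC = "Network Management Console, ASA, VAM"
MATRIX = [
    Row(5, "VMM Client", "VMM Server", "1099, 49177, 51173, 63006", "TCP", "RMI",
        "VMM Client to Server communication"),
    Row(8, "PIM", "JBOSS", "2784 – 2789", "TCP", "RMI", "Used by JBOSS on PIM server"),
    Row(36, "Management PC", "Windows Server", "22", "TCP", "SSH", "Incoming SSH access"),
    Row(37, "Management PC", "Windows Server", "23", "TCP", "Telnet",
        "Optional: Incoming Telnet"),
    Row(38, "Management PC", "Windows Server", "21", "TCP", "FTP", "Optional: Incoming FTP"),
    Row(48, _NMC, "Communication Manager", "5022", "TCP", "SSH", "Secure SAT Service ports"),
    Row(49, _NMC, "Communication Manager", "5023", "TCP", "Telnet",
        "Un-secure SAT Service ports"),
    Row(51, "ASA", "Modular Messaging (non-secure)", "389", "TCP", "LDAP",
        "Un-secure LDAP connection to Modular Messaging"),
    Row(52, "ASA", "Modular Messaging (secure)", "636", "TCP", "LDAPS",
        "Secure LDAP connection to Modular Messaging"),
]


def parse_ports(spec: str) -> List[Tuple[int, int]]:
    """Turn a port cell ("22", "20, 21", "2784 – 2789", "1024+") into ranges."""
    ranges = []
    for part in (p.strip() for p in spec.split(",")):
        m = re.fullmatch(r"(\d+)\s*[-–]\s*(\d+)", part)
        if m:
            lo, hi = int(m.group(1)), int(m.group(2))
        elif re.fullmatch(r"\d+\+", part):
            lo, hi = int(part[:-1]), 65535   # assumption: "N+" means N..65535
        elif part.isdigit():
            lo = hi = int(part)
        else:
            raise ValueError(f"unrecognised port cell: {spec!r}")
        if not 0 <= lo <= hi <= 65535:
            raise ValueError(f"port out of range in: {spec!r}")
        ranges.append((lo, hi))
    return ranges


def _names(cell: str) -> List[str]:
    return [n.strip() for n in cell.split(",")]


def match_flow(initiator: str, receiver: str, transport: str,
               dst_port: int) -> Optional[int]:
    """Return the matrix row that permits this new connection, else None.

    Direction matters: only the Source Initiator may open the flow, so the
    same pair of endpoints in the reverse direction does not match.
    """
    for row in MATRIX:
        if initiator not in _names(row.initiators) or receiver != row.receiver:
            continue
        if transport.upper() != row.transport:
            continue
        if any(lo <= dst_port <= hi for lo, hi in parse_ports(row.dst_ports)):
            return row.num
    return None


def render_rules() -> List[str]:
    """One allow rule per initiator and row, in a neutral pseudo-syntax."""
    rules = []
    for row in MATRIX:
        ports = ",".join(str(lo) if lo == hi else f"{lo}-{hi}"
                         for lo, hi in parse_ports(row.dst_ports))
        for name in _names(row.initiators):
            rules.append(f"allow {row.transport.lower()} from [{name}] "
                         f"to [{row.receiver}] dport {ports} # row {row.num}")
    return rules


def review_rows() -> List[int]:
    """Rows the matrix marks as optional or un-secure."""
    return [r.num for r in MATRIX if r.comment.startswith(("Optional", "Un-secure"))]


if __name__ == "__main__":
    print("\n".join(render_rules()))
    print("review before enabling:", review_rows())
```

Because rows 36 and 48 offer SSH to the same receivers as the Telnet rows 37 and 49, the review list is a natural place to decide which optional flows are left out of the policy.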
Notation, Terminology And Acronyms

The following table gives meanings for most of the terms and acronyms used in this document.

| Term | Meaning |
|---|---|
| API | Application Programming Interface |
| ASA | Avaya Site Administration |
| CLAN | Control-LAN, a Communication Manager IP interface circuit pack |
| FIFO | First In First Out |
| FTP | File Transfer Protocol |
| GUI | Graphical User Interface |
| HKCU | HKey Current User |
| HKLM | HKey Local Machine |
| HTML | HyperText Markup Language |
| HTTP | HyperText Transfer Protocol |
| HTTPS | HyperText Transfer Protocol Secure |
| IP | Internet Protocol |
| NM | Network Management |
| NMSI | Network Management System Integration |
| NNM | Network Node Manager |
| OV | HP OpenView |
| PIM | Provisioning and Installation Manager |
| PPP | Point-to-Point Protocol |
| RMATS | Remote Maintenance and Test System |
| RMI | Remote Method Invocation |
| SAT | System Access Terminal |
| SMTP | Simple Mail Transfer Protocol |
| SNMP | Simple Network Management Protocol |
| SSH | Secure Shell |
| T&M | Time and Materials |
| TCP | Transmission Control Protocol |
| TSC | Technical Service Center |
| UDP | User Datagram Protocol |
| VAM | Voice Announcement Manager |
| VMM | VoIP Monitoring Manager |
| VNC | Virtual Network Computing - software that makes it possible to view and fully-interact with one computer from any other computer or mobile device anywhere on the Internet |
| VPN | Virtual Private Network |

Integrated Management Relevant Directories:

This section lists the directories used and created by various Integrated Management applications. The directories are the locations on the Windows server where the Integrated Management files are installed.
Integrated Management Common Components:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Avaya\Required Components | contains Integrated Management Client and Server Configuration GUI files, launchApp, and *.vl files |
| C:\Program Files\Avaya\JRE | contains the Java Runtime Environment needed by various applications |
| C:\Program Files\Avaya\Third Party Installed | contains copies of all the third party installers used for IM install |

Registry Entries:

HKLM\SOFTWARE\Avaya\Avaya Integrated Management\
HKLM\SOFTWARE\Avaya\JRE 1.5.0_08\
HKLM\SOFTWARE\Avaya\JRE 1.5.0_08\AppsInstalled\

Environment Variables:

The following entries are made in the environment registry at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\:

PROP_PATH

Integrated Management Launch Page:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Avaya\Home Page\html | contains Integrated Management Launch Page HTML files |

Registry Entries:

HKLM\SOFTWARE\Avaya\Avaya Integrated Management\

Environment Variables:

The following entries are made in the environment registry at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\:

AIM_VERSION, AIM_FPM, AIM_CCS, AIM_GMS, AIM_EPI, AIM_IMD, AIM_EPI_PORT, AIM_MSA, AIM_PATH, AIM_MSG, AIM_SERVER, AIM_NSM, AVAYA_ROOT, AIM_PA, ASA_FLAG, AIM_VOIP, VAM_FLAG, AIM_VMSC, MM_FLAG, AIM_IEM, AIM_MM
Avaya Site Administration:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Avaya\Site Administration\bin | program executable files and *.dll files |
| C:\Program Files\Avaya\Site Administration\data | data files; such as bitmaps, defaults and list files |
| C:\Documents and Settings\<username>\Application Data\Avaya\Site Administration\user | location of persist.dat, template data, button label print data, etc… Also default directory for reports and import/export tasks |
| C:\Documents and Settings\<username>\Application Data\Avaya\Site Administration\user\Backup | Backup of persist.dat, template data, button label print data, etc… |

Registry Entries:

HKLM\SOFTWARE\Avaya\Avaya Integrated Management\
HKLM\SOFTWARE\Avaya\Avaya Integrated Management Avaya Site Administration\
HKLM\SOFTWARE\Avaya\Avaya Site Administration\
HKLM\SOFTWARE\Avaya\Avaya Site Administration\SASL Library\
HKLM\SOFTWARE\Avaya\Avaya Site Administration\System\
HKCU\SOFTWARE\Avaya\Avaya Site Administration\

Environment Variables:

The following entries are made in the environment registry at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\:

AIM_PATH, AIM_SERVER, SA_PATH, DSA_PATH
Voice Announcement Manager:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Avaya\Voice Announcement Manager\bin | contains program executable Jar files |
| C:\Program Files\Avaya\Voice Announcement Manager\data | contains sample CSV files and backup policy files |
| C:\Program Files\Avaya\Voice Announcement Manager\images | contains JPEG, GIF and bitmap image files |
| C:\Program Files\Avaya\Voice Announcement Manager\ossidoc | contains OSSI mapping files |
| C:\Program Files\Avaya\Voice Announcement Manager\resources | contains property files for all supported languages; only default file and English US file is present |
| C:\Documents and Settings\<username>\Application Data\Avaya\Voice Announcement Manager\user | contains data files; such as property files, error logs, status logs, etc… Also default location for storage of announcement files |

Registry Entries:

HKLM\SOFTWARE\Avaya\Avaya Integrated Management\
HKLM\SOFTWARE\Avaya\Avaya Integrated Management Administration Tools\

Environment Variables:

The following entries are made in the environment registry at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\:

AIM_PATH, AIM_SERVER, VAL_PATH, JRE2_BIN
VoIP Monitoring Manager:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Avaya\VoIP Monitoring Manager | contains program executable Jar files under the jars subdirectory |

Registry Entries:

HKLM\SOFTWARE\Avaya\Avaya Integrated Management\
HKLM\SOFTWARE\Avaya\Avaya Integrated Management VoIP Monitoring Manager\
HKLM\SOFTWARE\Avaya\VoIP Monitoring Manager\
HKLM\SOFTWARE\Avaya\VoIP Monitoring Manager\RtcpMon\
HKLM\SYSTEM\CurrentControlSet\Services\VoIP Monitoring Manager Server
HKLM\SYSTEM\CurrentControlSet\Services\VoIP Monitoring Manager Server\Parameters
HKLM\SYSTEM\CurrentControlSet\Services\VoIP Monitoring Manager Server\Security
HKLM\SYSTEM\CurrentControlSet\Services\VoIP Monitoring Manager Server\Enum

Environment Variables:

The following entries are made in the environment registry at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\:

AIM_PATH, AIM_SERVER, VMON_PATH, JRE2_BIN, AIM_VOIP

WebLM:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Apache Group\Tomcat 4.1\webapps\WebLM | contains expanded war file, once WebLM is started |

Registry Entries:

None

Environment Variables:

The following entries are made in the environment registry at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\:

WEBLM_IP, WEBLM_PORT, CATALINA_HOME, JAVA_HOME

MSDE:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Microsoft SQL Server | contains program executable files |

Registry Entries:

HKLM\SOFTWARE\Microsoft\MSSQLSERVER\

SQL Logins Created:

sa (user defines password during installation)
VmmUser
Network Management:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Avaya\Network Management | contains program executable Jar files |
| C:\Program Files\Avaya\Network Management\CVS\Jboss3.2.5 | contains program executable Jar files |

Registry Entries:

HKLM\SOFTWARE\Avaya\Avaya Integrated Management\
HKLM\SOFTWARE\Avaya\Avaya Integrated Management Network Management\
HKLM\SOFTWARE\Avaya\Avaya Integrated Management Network Management 3.1\
HKLM\SOFTWARE\Avaya\Avaya Integrated Management Network Management 3.1\Components\
HKLM\SOFTWARE\Avaya\Avaya Integrated Management Network Management 3.1\Versions\

Environment Variables:

The following entries are made in the environment registry at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\:

AIM_VERSION, AIM_FPM, AIM_CCS, AIM_GMS, AIM_EPI, AIM_IMD, AIM_EPI_PORT, AIM_MSA, AIM_PATH, AIM_MSG, AIM_SERVER, AIM_NSM, NM_PATH, AIM_PA, NM_INSTALLED, AIM_VOIP, JRE2_BIN, AIM_VMSC, AVAYA_ROOT, AIM_IEM, CYGWIN, AIM_MM, SCP_PATH, ASA_FLAG, CV_PATH, VAM_FLAG, CVS_HOME, MM_FLAG, LUL_HOME
Tomcat Servlet Container

The tomcat web server installs into the standard Tomcat Windows installation locations including the following directories:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Apache Group\Tomcat 4.1 | contains executable files |

Registry Entries:

HKLM\SOFTWARE\Apache Group\Tomcat\

Apache Web Server

The apache web server installs into the standard Apache Windows installation locations including the following directories:

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\Apache Group\Apache2 | contains executable files |

Registry Entries:

HKLM\SOFTWARE\Apache Group\Apache\

SCP/SSH

OpenSSH for Windows used for SCP

Default Directories:

| Directory | Contents |
|---|---|
| C:\Program Files\OpenSSH\ | |
| C:\Program Files\OpenSSH\bin\ | contains executable files |

Registry Entries:

HKLM\SOFTWARE\Cygnus Solutions\Cygwin\

Environment Variables:

The following entries are made in the environment registry at HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\:

CYGWIN, SCP_PATH