We're are going to be using transactional replication for
bi-directional data flow between our ERP at one physical location and our e-commerce store at a secondary physical location. There is a tunnel between the two locations to support secured data flow.
We're having much heated debate regarding which ports need to be assigned or required to allow transactional replication.
One party says we only need 1433 TCP and 1434 UDP.
Second group says we need to allow for additional ports over 1024.
"To configure the firewall, you must allow traffic from *ANY* to 1433, and from 1433 to *ANY*, where *ANY* is a port greater than 1024.
*ANY* -> 1433
1433 -> *ANY*
"
My network admin is siding with group one due to his philosophy of secure as tight as possible, then if needed, open up ports. I agree with his philosophy, but I don't have the insights/knowledge to confidently make a decision.
What ports are required to support transactional replication while keeping our network as tightly secured as possible, without interfering with the functioning of the transactional replication?
Appreciate input and advice.
Andrew
bi-directional data flow between our ERP at one physical location and our e-commerce store at a secondary physical location. There is a tunnel between the two locations to support secured data flow.
We're having much heated debate regarding which ports need to be assigned or required to allow transactional replication.
One party says we only need 1433 TCP and 1434 UDP.
Second group says we need to allow for additional ports over 1024.
"To configure the firewall, you must allow traffic from *ANY* to 1433, and from 1433 to *ANY*, where *ANY* is a port greater than 1024.
*ANY* -> 1433
1433 -> *ANY*
"
My network admin is siding with group one due to his philosophy of secure as tight as possible, then if needed, open up ports. I agree with his philosophy, but I don't have the insights/knowledge to confidently make a decision.
What ports are required to support transactional replication while keeping our network as tightly secured as possible, without interfering with the functioning of the transactional replication?
Appreciate input and advice.
Andrew
