Firewall Requirements

Introduction 

Security site or roadside networks are often tightly controlled to minimise vulnerabilities. The following rules must be incorporated in to any firewall settings to ensure the correct function of a Witness™ system.

Contents



Rules

Port

Required Route

Reason

Port

Required Route

Reason

22

  • Track Engine to Radar

SSH to radar (TCP)

50022

  • Track Engine to Radar

SSH to embedded tracking processor in radar (TCP)

6317*

  • Track Engine to Radar (local tracking)

Native radar data (TCP)

56317

  • Track Engine to Radar (on-board tracking)

Data from Tracker to Track Engine (TCP)

443

  • Track Engine to Radar

Web UI for radar - TLS (TCP)

6317*

  • Track Engine to Management Server

  • User Interface to Management Server

  • Camera Controller to Management Server

Messaging & Control between ClearWay™ software modules (TCP)
TLS is optional and uses the same port

4300-43xx*

  • Radar to System User Interface (on-board tracking)

  • Track Engine to User Interface (local tracking)

Radar data for display (UDP)
Typically commissioning only

123

  • Radar to Management Server

  • Track Engine to Management Server

  • Database to Management Server

NTP (UDP)

10000*

  • Third party system to Management Server

XML over TCP/IP (TCP)

51210*

  • Third party system to Management Server

OPC UA (TCP)

502*

  • Third party system to Management Server

Modbus over TCP/IP (TCP)

554

  • Third party video client to Track Engine

Situational Awareness (RTSP)

27010*

  • Track Engines to Database Server

  • Management Server to Database Server

Database access (TCP)

8443*

  • Situational Awareness2 client - Web browser to Management Server

Web access to SItuational Awareness2

Ports marked with * are configurable and can be changed as part of the commissioning process. We strongly recommend that these are left at the default where possible to avoid any future issues while maintaining the system.


Related Information

Safety is everything.