Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
CTA
Contributor II
Contributor II
‎2022-07-26 01:11 PM

Security - Open ports on QLIK

Hi,

Sorry if sounds like a dumb question, but I'm quite a newbie here and trying to understand how QLIK works. There is a QLIK installation that I need to understand it in terms of security. Did a nmap against the IP and there are a lot of open ports (most of them in the 4xxx range) that I'm not sure they should be allowed from outside.

Can you please advise if that should be the case or I should allow only 80 and 443?

Thank you in advance,

Labels (1)
Labels
704 Views
0 Likes
1 Solution

Accepted Solutions
Chip_Matejowsky
Support
Support
‎2022-07-26 02:29 PM

Hi @CTA,

Yes, Qlik Sense relies on quite a few ports for communication. Have a look at the Qlik Sense Enterprise Server online Help entry Ports Overview and the Qlik Support article Required Ports for Qlik Sense Enterprise for more detailed information.

 

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!

View solution in original post

683 Views
0 Likes
4 Replies
Chip_Matejowsky
Support
Support
‎2022-07-26 02:29 PM

Hi @CTA,

Yes, Qlik Sense relies on quite a few ports for communication. Have a look at the Qlik Sense Enterprise Server online Help entry Ports Overview and the Qlik Support article Required Ports for Qlik Sense Enterprise for more detailed information.

 

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!
684 Views
0 Likes
Levi_Turner
Employee
Employee
‎2022-07-26 05:18 PM

The only nuance that I'd have to @Chip_Matejowsky 's answer is that you need to break out the ports by their clients.

For end users accessing the Hub and QMC, only the HTTPS (or optional HTTP) port(s) are needed. By default they'd be 433 (and optionally 80). For multiple servers in a cluster reference the doc that Chip referenced for the port allowances needed.

667 Views
0 Likes
CTA
Contributor II
Contributor II
‎2022-07-26 05:39 PM
Author

In response to Levi_Turner

Not sure I understand what you mean by break out the ports by their clients?

As I said before, I have 443 and 80 (HTTPS and HTTP) open for everyone and all the other 4xxx ports also open for everyone.

I guess you mean that there are some specific client application that connects from outside to the QLIK server on these ports, so I  should whitelist those ports on specific IP sources. 

I'm more the networking security guy here, so I try to quicker understand how QLIK works, so I can secure it as much as possible, so please excuse my possible dumb questions.

 

664 Views
0 Likes
Levi_Turner
Employee
Employee
‎2022-07-26 05:50 PM

In response to CTA

By client I mean a device / thing which connects to a service. In a multi-node setup, each node is a server and a client. In both single node and multi-node configurations, end users accessing the Hub and QMC are also clients.

End user access: HTTPS and HTTP ports.

Server to Server Communication (if using multiple nodes): See doc Chip referenced.

658 Views
0 Likes