Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Introducing Qlik Answers: A plug-and-play, Generative AI powered RAG solution. READ ALL ABOUT IT!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
CTA
Contributor II
Contributor II
‎2022-07-26 01:11 PM

Security - Open ports on QLIK

Hi,

Sorry if sounds like a dumb question, but I'm quite a newbie here and trying to understand how QLIK works. There is a QLIK installation that I need to understand it in terms of security. Did a nmap against the IP and there are a lot of open ports (most of them in the 4xxx range) that I'm not sure they should be allowed from outside.

Can you please advise if that should be the case or I should allow only 80 and 443?

Thank you in advance,

Labels (1)
Labels
616 Views
0 Likes
1 Solution

Accepted Solutions
Chip_Matejowsky
Support
Support
‎2022-07-26 02:29 PM

Hi @CTA,

Yes, Qlik Sense relies on quite a few ports for communication. Have a look at the Qlik Sense Enterprise Server online Help entry Ports Overview and the Qlik Support article Required Ports for Qlik Sense Enterprise for more detailed information.

 

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!

View solution in original post

595 Views
0 Likes
4 Replies
Chip_Matejowsky
Support
Support
‎2022-07-26 02:29 PM

Hi @CTA,

Yes, Qlik Sense relies on quite a few ports for communication. Have a look at the Qlik Sense Enterprise Server online Help entry Ports Overview and the Qlik Support article Required Ports for Qlik Sense Enterprise for more detailed information.

 

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!
596 Views
0 Likes
Levi_Turner
Employee
Employee
‎2022-07-26 05:18 PM

The only nuance that I'd have to @Chip_Matejowsky 's answer is that you need to break out the ports by their clients.

For end users accessing the Hub and QMC, only the HTTPS (or optional HTTP) port(s) are needed. By default they'd be 433 (and optionally 80). For multiple servers in a cluster reference the doc that Chip referenced for the port allowances needed.

579 Views
0 Likes
CTA
Contributor II
Contributor II
‎2022-07-26 05:39 PM
Author

In response to Levi_Turner

Not sure I understand what you mean by break out the ports by their clients?

As I said before, I have 443 and 80 (HTTPS and HTTP) open for everyone and all the other 4xxx ports also open for everyone.

I guess you mean that there are some specific client application that connects from outside to the QLIK server on these ports, so I  should whitelist those ports on specific IP sources. 

I'm more the networking security guy here, so I try to quicker understand how QLIK works, so I can secure it as much as possible, so please excuse my possible dumb questions.

 

576 Views
0 Likes
Levi_Turner
Employee
Employee
‎2022-07-26 05:50 PM

In response to CTA

By client I mean a device / thing which connects to a service. In a multi-node setup, each node is a server and a client. In both single node and multi-node configurations, end users accessing the Hub and QMC are also clients.

End user access: HTTPS and HTTP ports.

Server to Server Communication (if using multiple nodes): See doc Chip referenced.

570 Views
0 Likes