Skip to main content
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Showing results for 
Search instead for 
Did you mean: 
CTA
Contributor
Contributor

Security - Open ports on QLIK

Hi,

Sorry if sounds like a dumb question, but I'm quite a newbie here and trying to understand how QLIK works. There is a QLIK installation that I need to understand it in terms of security. Did a nmap against the IP and there are a lot of open ports (most of them in the 4xxx range) that I'm not sure they should be allowed from outside.

Can you please advise if that should be the case or I should allow only 80 and 443?

Thank you in advance,

Labels (1)
1 Solution

Accepted Solutions
Chip_Matejowsky
Support
Support

Hi @CTA,

Yes, Qlik Sense relies on quite a few ports for communication. Have a look at the Qlik Sense Enterprise Server online Help entry Ports Overview and the Qlik Support article Required Ports for Qlik Sense Enterprise for more detailed information.

 

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!

View solution in original post

4 Replies
Chip_Matejowsky
Support
Support

Hi @CTA,

Yes, Qlik Sense relies on quite a few ports for communication. Have a look at the Qlik Sense Enterprise Server online Help entry Ports Overview and the Qlik Support article Required Ports for Qlik Sense Enterprise for more detailed information.

 

Best Regards

Principal Technical Support Engineer with Qlik Support
Help users find answers! Don't forget to mark a solution that worked for you!
Levi_Turner
Employee
Employee

The only nuance that I'd have to @Chip_Matejowsky 's answer is that you need to break out the ports by their clients.

For end users accessing the Hub and QMC, only the HTTPS (or optional HTTP) port(s) are needed. By default they'd be 433 (and optionally 80). For multiple servers in a cluster reference the doc that Chip referenced for the port allowances needed.

CTA
Contributor
Contributor
Author

Not sure I understand what you mean by break out the ports by their clients?

As I said before, I have 443 and 80 (HTTPS and HTTP) open for everyone and all the other 4xxx ports also open for everyone.

I guess you mean that there are some specific client application that connects from outside to the QLIK server on these ports, so I  should whitelist those ports on specific IP sources. 

I'm more the networking security guy here, so I try to quicker understand how QLIK works, so I can secure it as much as possible, so please excuse my possible dumb questions.

 

Levi_Turner
Employee
Employee

By client I mean a device / thing which connects to a service. In a multi-node setup, each node is a server and a client. In both single node and multi-node configurations, end users accessing the Hub and QMC are also clients.

End user access: HTTPS and HTTP ports.

Server to Server Communication (if using multiple nodes): See doc Chip referenced.