The Red Hat Enterprise Virtualization Hypervisor has various security features enabled. Security-Enhanced Linux (SELinux
) and the iptables
firewall are fully configured and on by default.
Administrators can receive the latest security advisories from the Red Hat Enterprise Virtualization watch list. Subscribe to the Red Hat Enterprise Virtualization watch list to receive new security advisories for Red Hat Enterprise Virtualization products by email. Subscribe by completing this form:
http://www.redhat.com/mailman/listinfo/rhev-watch-list/.
Red Hat Enterprise Virtualization uses various network ports for management and other virtualization features. These ports must be open for Red Hat Enterprise Linux to function as a host with Red Hat Enterprise Virtualization. The list below covers ports and their usage by Red Hat Enterprise Virtualization:
ICMP
requests must be accepted. ICMP
packets are used for network testing by the Manager.
Port 22 should be open for SSH access and the initial installation.
Ports 8080 or 8443 (depending on the security settings on the Manager) are used by the vdsm-reg
service to communicate information about the host.
Ports 5634 to 6166 are used for guest console access.
Port 16509 is used to support migration communication generated by libvirt.
Ports 49152 to 49216 are used for migrations. Migration may use any port in this range depending on the number of concurrent migrations occurring.
Port 54321 is used by default, by VDSM for management, storage and inter-host communication. This port can be modified.