Firewall requirements

Important

Helix Core Server, Helix Search, and Elasticsearch must be all reachable from where Helix DAM is installed.

Inbound connections

To allow users access to Helix DAM via web browsers and version control clients, make sure the Helix DAM server is reachable by the following connections:

TCP 22 - Version control access over SSH.
TCP 80 - Web application and version control access over HTTP.
TCP 443 - Web application and version control access over HTTPS (only if SSL is used).

If Helix DAM LDAP interface is enabled, the following connections are required:

TCP 389 - Unencrypted LDAP connection.
TCP 636 - Encrypted LDAPS connection (only if SSL is used).

Inter-server connections

For Enterprise deployments, the following connections are required:

TCP 4002 from Helix DAM Web to TeamHub DB server - Access to MongoDB database.
TCP 6379 from Helix DAM Web to TeamHub DB server - Access to Redis database.

For convenience, it is recommended the user check arrows and corresponding ports for deployment type, and then reference here for a more detailed explanation of the port usage.

Outbound connections

Helix DAM may use a number of external services for mailing, authentication, etc. If external services are required, make sure the following connections are open for Helix DAM servers to access:

TCP [usually 25] to use SMTP gateway for mailing.
TCP [usually 389] to use corporate LDAP server for authentication.
TCP 1601 for Helix Search.
TCP 9200 (default) for Elasticsearch
Reachable Helix Core Server on your specified P4PORT