Symantec Privileged Access Management

  • 1.  issue with port 8550 always queried

    Broadcom Employee
    Posted Dec 19, 2017 11:44 PM

    PAM has a known issue where port 8550 is always queried when it makes a connection to a target device with SSH/RDP.

    There is a KB article describing this issue, and an enhancement request has also been raised to disable/enable the query on the SFA port (8550).

    https://support.ca.com/us/knowledge-base-articles.TEC1904995.html

    https://communities.ca.com/ideas/235734495-ca-pam-enhancement-request-to-be-able-to-turn-sfa-port-check-onoff

    I am wondering if this behavior has changed in the latest PAM, or whether the latest PAM still queries port 8550 when making a connection.

    Also, is there any way to mitigate this problem other than rejecting the packets in the firewall settings?

    BR

    Jerry




  • 2.  Re: issue with port 8550 always queried

    Broadcom Employee
    Posted Dec 20, 2017 08:44 AM

    Hi Jerry, No, this has not changed so far. The documents you found are still accurate.



  • 3.  Re: issue with port 8550 always queried

    Broadcom Employee
    Posted Dec 20, 2017 09:36 PM

    Hello Ralf,

    Is there any way to make this problem less severe other than rejecting the query packets on the target firewall?

    BR

    Jerry



  • 4.  Re: issue with port 8550 always queried
    Best Answer

    Broadcom Employee
    Posted Dec 20, 2017 10:24 PM

    Hi Jerry, If you open the firewall between PAM and the target devices for 8550, then the connection attempt should run into a "Connection refused" error and fail without delay. That's the one alternative that should work for SSH connections to UNIX/Linux targets, but it will not work with Windows devices that have a local firewall running, unless you change the default behavior of the firewall; see https://support.ca.com/us/knowledge-base-articles.tec1215493.html.
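
The accepted answer depends on how the network path answers a connection attempt to port 8550: a rejected attempt fails without delay, while a silently dropped one waits out a timeout. The Python check below is an added example, not part of the thread or of PAM, meant to be run from a host on the same network path as PAM; the `probe` function, its verdict names and the 3-second timeout are assumptions chosen for illustration.

```python
import errno
import socket
import sys
import time

SFA_PORT = 8550  # port PAM queries on the target, as described in the thread


def probe(host, port=SFA_PORT, timeout=3.0):
    """Attempt one TCP connect and classify how the path answers.

    Returns (verdict, seconds):
      "rejected" - a TCP RST or ICMP unreachable came back (fast failure)
      "dropped"  - nothing came back before the timeout (the delay case)
      "open"     - something is listening on the port
    """
    start = time.monotonic()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            verdict = "open"
    except ConnectionRefusedError:
        verdict = "rejected"
    except socket.timeout:
        verdict = "dropped"
    except OSError as exc:
        # A firewall that rejects with ICMP also produces a fast failure.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            verdict = "rejected"
        else:
            raise
    return verdict, time.monotonic() - start


if __name__ == "__main__":
    # Usage: python probe8550.py target1 target2 ...
    for target in sys.argv[1:]:
        verdict, seconds = probe(target)
        print(f"{target}:{SFA_PORT} {verdict} after {seconds:.2f}s")
```

A target that reports `dropped` is one where the firewall is still silently discarding the query, so the delay described in the thread remains on that path.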