Recommendations

After installation of the software, please proceed with the following advisories:

• Change the default password for Graphic Hub Admin user: GH Manager Tools > Administer users & groups.

• Enable http authentication in GH Terminal: Options > Advanced Settings.

• Change Graphic Hub Terminal password (see above): Options > Change Terminal password.

• Use SSL encryption for Graphic Hub Rest.

• Disable Remote Access for WiBu Codemeter Webadmin and use SSL (Configuration > Basic > Webadmin)

• Remove any unneeded services.

Ports used by Graphic Hub and Components

The Graphic Hub server requires a limited number of open network ports. The following table lists the ports used for Graphic Hub server connectivity:

Since Graphic Hub Deploy Agent 2.0.0, Graphic Hub Manager 5.0.0, GH REST 2.0.0, and Viz Artist 3.8.2, these clients do not require any port exemption rules on the client side firewall configuration. However, for earlier versions, all ports must be open on the client side.

Firewall Policy by Scope

Host-Local Firewall (Windows Firewall)

The Graphic Hub installer creates application-based Windows Firewall rules automatically for all components. No manual port-based rules are needed on the host itself.

Network Firewall (Inter-Site or Inter-Zone)

For cross-site deployments between two Graphic Hub servers, allow the following on your network firewall:

No inbound ephemeral port range (49152-65535) is required between sites when all components meet the minimum versions listed above.