Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

Technical Advisory: Upcoming Limitation on Allowed Ports for SFTP Hosts

Avatar

Avatar
Contributor
Employee
thebenrobb
Employee

Likes

136 likes

Total Posts

310 posts

Correct Reply

82 solutions
Top badges earned
Contributor
Seeker
Shape 1
Give Back 3
Give Back
View profile

Avatar
Contributor
Employee
thebenrobb
Employee

Likes

136 likes

Total Posts

310 posts

Correct Reply

82 solutions
Top badges earned
Contributor
Seeker
Shape 1
Give Back 3
Give Back
View profile
thebenrobb
Employee

30-09-2020

What is Changing?

Adobe Experience Platform Launch will soon require that all ports on SFTP Hosts be on the list below (or fall within the specified ranges).

  • 21
  • 22
  • 80
  • 200-299
  • 443
  • 2000-2999
  • 4343
  • 8080
  • 8888

Impact

When creating/editing an SFTP Host, Launch will perform validation on the Host's port. If the port is not on the list above, the save will fail with an error.

If you happen to create a Host with a disallowed port before these changes, once they go into effect, builds sent to that Host will fail.

Rationale

We consistently take steps to improve security and reduce our risk exposure. Limiting the allowed outgoing ports is required by our network and security teams to enhance the infrastructure that supports Launch.

Why These Ports?

When we conducted our analysis, all existing SFTP Hosts on our customer organizations were already compliant with the list of ports above. You will recognize many as commonly allowed incoming ports for corporate firewalls. The listed ranges let us include the other existing Hosts - those not on standard ports - and still preserve some flexibility for future Hosts.

When Will This Happen?

The validation is already happening in the Launch UI.  These ports will become the only available ports on October 27th.  Blocking the ports at the API level is still pending.