Changing device UI TCP port numbers

Starting from firmware version 3.4.3 administrators can choose to run the device UI on a port number other than the standard ports which are 80 (HTTP) and 443 (HTTPS). This may be needed based on local policies in certain network topologies.

These port numbers can be configured in the System->Management section of the GUI, right next to the HTTP and HTTPS enable/disable sections.

Note that changing the port just for security reasons (security by obscurity) is of marginal benefit, if any. An attacker with a port scanner could still detect the open port, even if the number is now non-standard. Unless there is a specific reason related to local port/policy usage, the recommendation is to leave these services running on the default ports.

If the device is being managed through cnMaestro, then turning off local access (HTTP/HTTPS/Telnet/CLI) could be considered as a security measure.