Block java.exe outbound in firewall

Hi. I have an Elastic cluster with 4 nodes, all on Windows Server. We are using Windows Defender Firewall to limit access to ports 9200 and 9300 between the nodes. We have now been asked if we can limit the OpenJDK java.exe executable outbound from each node by implementing a firewall rule on each node - e.g. block the program outbound on all ports. In my case the filepath would be C:\elasticsearch-8.6.2\jdk\bin\java.exe.

Is there any reason this would break any connectivity between the nodes? I assume API requests are not made directly to the java executable and so enabling this rule shouldn't affect anything?

The version of Elasticsearch is 8.6.2. Please kindly let me know if you require any more information (I am new to Elasticsearch so may have omitted some important info!)


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.