using was in CLM 2011 or CLM 2012 should we open the port 9043?
Accepted answer
As Stephane mentioned, you can customize what port to use.
Based on my experience, I would recommend to
Use IBM HTTPs Server as the proxy server and use the HTTPS (default port 443) such that you only need to ask the network security guy (or yourself) to open only the port 443 to the client machines. If you configure the embedded "web server" inside WAS to use port 443, it may not be a good idea unless you won't need an HTTPS server at all.
Of course, the systsmes holding servers used by CLM (database, app servers) need to have the required ports opened to each other, which are normally within a secured domain.
Comments
Introducing a reverse proxy into the scene in a initial deployment of CLM is a recommended Best Practice. It will allow you to refactor your CLM topology while maintaining stable URIs :
http://pic.dhe.ibm.com/infocenter/clmhelp/v4r0m1/index.jsp?topic=%2Fcom.ibm.jazz.install.doc%2Ftopics%2Fc_reverse_proxy.html
One other answer
WAS would let you modify the "default ports" it uses (e.g. from port 9043 to port 443 and from port 8080 to port 80). When configuring the Jazz server initially, it's a good practice to hide port numbers from the public server URL. You could find in details guidance here :
http://sleroyblog.wordpress.com/2012/03/30/tip-for-jazz-administration-hide-port-numbers-from-the-public-server-uri/
Regards,
Stéphane