Add VIC backchannel port to standard ESX firewall configuration

[hickeng]

User Statement: As a VIC customer I don't want to have to configure the ESX firewall.

Details: We currently use port 2377 for our backchannel. While we have plans to move to VMCI we will likely need to keep a TCP based mechanism available for scenarios where ESX agents are not a viable option. One option is to configure the firewall via a VIB (#3801), but that still involves complexity around ensuring all hosts have the VIB deployed. Another approach is to have the port opened by default in future firewall configurations - which needs to be addressed with the vSphere team. This will likely involve discussion as to the base requirement, the specific mechanism we're currently using (network serial port), and the timelines for which this is needed.

It could be possible to phrase this as automatic firewall rules for network serial ports to decouple it from our specific approach.

Acceptance Criteria:

• [ ] plan to allow VIC network serial port communication in default configuration, or
• [ ] vSphere rejection of any change to default configuration

Related: #3643