Symantec Web Security Service (WSS)
Some ports must be opened on your firewalls to allow connectivity to the various cloud service components and data centers.
The ports vary depending upon the configured WSS access methods.
For converting proxy.threatpulse.net to your relevant geographical IP address(es), refer to Data Center IP Addresses.
All firewall rules must allow outbound connections to the following ports:
Remote Users: (Mobility client)
MDM Integration: (for example, Airwatch)
Authentication: (ACLogon.exe; log-in script for sending logged-in credentials directly to BCCA.)
Roaming Captive Portal:
Internal ports: (between BCCA server and Domain Controllers)