ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Possible firewall changes needed for Information Centric Encryption (ICE) 102 On-Premise Key Store


Article ID: 171096


Updated On:


Information Centric Encryption


Changes that may be required on your firewall when implementing On-Premise Key Store in Information Centric Encryption (ICE) 102.


ICE 102 - On-Premise Key Store


Details of this are in the online Help for ICE 102:

  • ICE On-Premises Key Store is using Blue Coat NTP (TCP/UDP 123) to sync clock (UTC)
  • HTTPS OUT (TCP 443) must be allowed
  • HTTP OUT (TCP 80) may be required
  • HTTPS IN (TCP 443) should be allowed for administration (may restrict source)
  • SSH IN (TCP 22) is needed if CLI will be accessed remotely
  • DNS (TCP/UDP 53)