ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Possible firewall changes needed for Information Centric Encryption (ICE) 102 On-Premise Key Store
Article ID: 171096
Information Centric Encryption
Changes that may be required on your firewall when implementing On-Premise Key Store in Information Centric Encryption (ICE) 102.
ICE 102 - On-Premise Key Store
Details of this are in the online Help for ICE 102:
- ICE On-Premises Key Store is using Blue Coat NTP (TCP/UDP 123) to sync clock (UTC)
- HTTPS OUT (TCP 443) must be allowed
- HTTP OUT (TCP 80) may be required
- HTTPS IN (TCP 443) should be allowed for administration (may restrict source)
- SSH IN (TCP 22) is needed if CLI will be accessed remotely
- DNS (TCP/UDP 53)