Changes that may be required on your firewall when implementing On-Premise Key Store in Information Centric Encryption (ICE) 102.

ICE 102 - On-Premise Key Store

Details of this are in the online Help for ICE 102:
http://help.symantec.com/home/ICE1.0?locale=EN_US

• ICE On-Premises Key Store is using Blue Coat NTP (TCP/UDP 123) to sync clock (UTC)
• HTTPS OUT (TCP 443) must be allowed
• HTTP OUT (TCP 80) may be required
• HTTPS IN (TCP 443) should be allowed for administration (may restrict source)
• SSH IN (TCP 22) is needed if CLI will be accessed remotely
• DNS (TCP/UDP 53)