Required ports, protocols, and services for the ISG appliance

book

Article ID: 221083

calendar_today

Updated On:

Products

SSP-S410 PLATFORM

Issue/Introduction

You want to know the required ports, protocols, and services for the ISG appliances.

Resolution

Inbound-Only Connection :

Component Default Port Protocol Configurable Source Description
SSH 22 TCP No SSH client SSH management of the appliance
SNMP 161 UDP Yes SNMP client SNMP monitoring

 

 

 

 

 

Outbound-Only Connections:

Component Default Port Protocol Configurable Source Description
Appliance certificate 444 TCP No Symantec server Certificate updates
DNS 53 TCP/UDP No DNS server Port used by your DNS servers
Diagnostics 443 TCP No Symantec server Heartbeats, SysInfo uploads
Email notifications 25 TCP No SMTP server Email notifications
HTTP 80 TCP No Internet Regular HTTP access to internet
Log client (custom) 69 TCP Yes Custom log server Sending access logs to configured server
Log client (FTP, plain and secure) 21 TCP Yes FTP/S log server Sending access logs to configured server
Log client (HTTP, plain and secure) 80 TCP Yes HTTP/S log server Sending access logs to configured server
Log client (SCP) 22 TCP Yes SCP log server Sending access logs to configured server
Symantec Management Center, Symantec Director 22 TCP No Management Center, Director Management Center and Director registration
(Not applicable to Advanced Secure Gateway)
NTP 123 UDP Yes NTP server Periodic time update from default or configured NTP servers
RADIUS 1812 TCP Yes RADIUS server RADIUS authentication
SOCKS 1080 TCP/UDP No SOCKS server Forwarding traffic to SOCKS proxy
Syslog 514 UDP No Syslog server Syslog uploads to remote server

 

URLs and IP Addresses for Symantec Services :

Component Ports Protocols URLs IP Addresses Description
Licensing 443 TCP device-services.es.bluecoat.com 192.19.237.100 Appliance license management
Licensing 443  TCP services.bluecoat.com 192.19.237.103 License administration
Licensing 443  TCP download.bluecoat.com 192.19.237.102 License administration
PKI - Appliance validation 443  TCP abrca.bluecoat.com 192.19.237.69 Symantec appliance Certificate Authority
PKI - CA certificates 443  TCP appliance.bluecoat.com   Trust package downloads
NTP 80  TCP download.bluecoat.com 199.91.133.16
192.19.237.102
Time zone database downloads
Diagnostics 443 TCP hb.bluecoat.com   Appliance heartbeat information to Symantec
Diagnostics 443 TCP upload.bluecoat.com
mft.symantec.com
  Diagnostic report uploads to Symantec support