Industrial Critical System Protection (ICSP) network firewall requirements
Article ID: 267667
Updated On:
Products
Issue/Introduction
Industrial Critical System Protection (iCSP) has specific firewall requirements that need to be met before the installation.
Environment
Release : 5.4.2, 6.1.x
Cause
N/A
Resolution
Please see the URL and port numbers below that need to be whitelisted before deploying the product.
| ICSP FEATURE | URL | PORT |
|
Additional updates |
cdnup.bluecoat.com |
80 |
|
NTP server to set the scanner system time |
ntp.bluecoat.com |
123 |
| Enable license activation | device-services.es.bluecoat.com | 443 |
|
System heartbeat monitoring |
subscription.es.bluecoat.com |
443 |
|
LiveUpdate |
liveupdate.symantec.com/ |
80 or 443 |
|
Telemetry |
shasta-clt.symantec.com/stargateping |
443 |
|
FileReputation |
ent-shasta-rrs.symantec.com/mrclean |
443 |
|
MobileInsight |
mobinsight.symantec.com/miqs/v1/ |
443 |
You can configure your network firewall to allow above specific sites and port numbers
OR
set rules to allow *.symantec.com:80/* , *.symantec.com:443/* , *.bluecoat.com:80/* , *.bluecoat.com:123/* , *.bluecoat.com:443/*
OR
set a rule to allow *.symantec.com:* and *.bluecoat.com:*
Feedback
