What Ports must be opened on the Firewall and Proxy Servers?

What Ports must be opened on the Firewall and Proxy Servers?

search cancel

What Ports must be opened on the Firewall and Proxy Servers?

book

Article ID: 285220

calendar_today

Updated On:

Products

Carbon Black Cloud Endpoint Standard (formerly Cb Defense) Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)

Issue/Introduction

What ports must be opened on the Firewall or Proxy servers to allow the sensor to communicate with the various Carbon Black Cloud services?

Environment

Carbon Black Cloud (Formerly PSC) Console: All Versions
Endpoint Standard (Formerly CB Defense) Sensor: All Versions
Microsoft Windows: All Supported Versions
Apple MAC OS: All Versions

Resolution

This information can be found in our Configuration Guide.

Additional Information

If "Submit unknown binaries for analysis" is enabled, all traffic goes through CB Defense Device Services before it is routed to the Carbon Black Cloud.
To determine whether the agent is "onsite" or "offsite" the sensor sends a ICMP echo to see if the each DNS suffix address is reachable. In this case you may observe outbound connections to your Domain Controllers from the Sensor Service (RepMgr).

Feedback

thumb_up Yes

thumb_down No