Firewall and Proxy Settings Required for vDefend IDPS Signature Download on NSX Manager

Article ID: 409575

Products

VMware NSX Firewall, VMware vDefend Firewall, VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

When the IDPS function is enabled and auto-update is activated in NSX, the NSX Manager checks with NTICS (NSX Threat Intelligence Cloud Service) every 4 hours to see whether the latest signatures have been released.
If a version of the signatures newer than the one currently held is available, the NSX Manager downloads it.
To avoid interfering with this communication, the following domains must be allowed on the firewall or proxy.

Environment

NSX-T 4.0.X, 4.1.X, 4.2.X

Cause

 

 

Resolution

The NSX Manager for NSX versions 4.0.X, 4.1.X, and 4.2.X accesses NTICS via HTTPS for IDS signature downloads. 
The firewall or proxy must allow communication to '*.prod.nsxti.vmware.com' on port 443 (TCP).

You can also check the following site to determine which types of communication must be permitted to ensure connectivity between NSX Manager and NTICS (NSX Threat Intelligence Cloud Service):

https://ports.broadcom.com/home/NSX
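
One way to confirm from the proxy side that the rule above is in effect, as an added example that is not part of the original article: it scans access-log lines for denied CONNECT requests from the NSX Manager to hosts under '*.prod.nsxti.vmware.com' on port 443, matching the wildcard on a label boundary so look-alike names are not counted. The Squid log layout, the host labels and the IP addresses are assumptions constructed for illustration.

```python
"""Audit proxy logs for blocked NSX Manager -> NTICS signature downloads."""

ALLOW_PATTERN = "*.prod.nsxti.vmware.com"   # domain from the article
ALLOW_PORT = 443                            # TCP port from the article

# Constructed sample lines in Squid's native access.log layout (assumption:
# the proxy is Squid; host labels and IP addresses are made up).
SAMPLE_LOG = """\
1700000000.101    120 192.0.2.10 TCP_TUNNEL/200 5120 CONNECT placeholder-a.prod.nsxti.vmware.com:443 - HIER_DIRECT/203.0.113.5 -
1700014400.207      2 192.0.2.10 TCP_DENIED/403 3890 CONNECT placeholder-b.prod.nsxti.vmware.com:443 - HIER_NONE/- text/html
1700014401.311      1 192.0.2.10 TCP_DENIED/403 3890 CONNECT prod.nsxti.vmware.com.invalid:443 - HIER_NONE/- text/html
1700014402.415      1 192.0.2.77 TCP_DENIED/403 3890 CONNECT placeholder-b.prod.nsxti.vmware.com:443 - HIER_NONE/- text/html
"""


def matches_wildcard(host: str, pattern: str = ALLOW_PATTERN) -> bool:
    """True if host is a subdomain of the wildcard's base domain.

    The comparison is anchored on a label boundary, so names that merely
    contain the base domain as a substring do not match.
    """
    base = pattern.removeprefix("*.").lower()
    host = host.rstrip(".").lower()
    return host.endswith("." + base)


def blocked_ntics_requests(log_text: str, manager_ips: set[str]) -> list[tuple[str, str]]:
    """Return (timestamp, host) for denied CONNECTs from NSX Manager to NTICS."""
    hits = []
    for line in log_text.splitlines():
        f = line.split()
        if len(f) < 7 or f[5] != "CONNECT":
            continue
        ts, client, result, target = f[0], f[2], f[3], f[6]
        host, _, port = target.rpartition(":")
        if (client in manager_ips and result.startswith("TCP_DENIED")
                and port == str(ALLOW_PORT) and matches_wildcard(host)):
            hits.append((ts, host))
    return hits


if __name__ == "__main__":
    # 192.0.2.10 stands in for the NSX Manager's address (constructed).
    for ts, host in blocked_ntics_requests(SAMPLE_LOG, {"192.0.2.10"}):
        print(f"{ts} denied {host}:{ALLOW_PORT}; allow {ALLOW_PATTERN} on the proxy")
```

Any hit means the proxy is still rejecting signature-download traffic and the allow rule needs to be added or corrected.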

Additional Information

https://ports.broadcom.com/home/NSX