Listing of External URLs which the Symantec Endpoint Protection Manager needs access to for complete functionality
search cancel

Listing of External URLs which the Symantec Endpoint Protection Manager needs access to for complete functionality

book

Article ID: 153058

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

You're configuring a Symantec Endpoint Protection Manager (SEPM) in an environment with a perimeter network device that restricts access to the Internet. You need to know which URLs the SEPM needs access to in order for all functions of the console to work normally. 

Resolution

The following URLs are used by the SEPM to connect for definition engine and content updates (LiveUpdate):

http://liveupdate.symantecliveupdate.com

https://liveupdate.symantecliveupdate.com

http://liveupdate.symantec.com

https://liveupdate.symantec.com

If access to the two update sites is not available, then some other type of definition update method will need to be implemented. Options here include updating from a LiveUpdate Administrator server within your network, or updating from a JDB file. Please refer to the available documentation: Choose a distribution method to update content on clients.

 

Additionally, the following URLs are used for the retrieval of information about the latest definitions from Symantec. If access to these URLs is not available, then definition information from Symantec will not be available on the SEPM Home Page, and expanded details regarding threats found in the environment will also not be available. There is currently no alternate method for obtaining this Security Response data, however this does not represent a critical lack of functionality for the SEPM. 

https://www.broadcom.com/support/security-center

https://www.symantec.com

https://www.symantec.com/avcenter/venc/auto/defstats.xml

 

The following URLs are used for telemetry:

https://tses.broadcom.com

https://telemetry.broadcom.com

 

The following URL is used to activate the license, and to verify if the license being used is current and active:

https://services-prod.symantec.com/service/IPLService.serviceagent/IPLendpoint1

Additional Information

Additional URLs to allow if the Symantec Endpoint Protection Manager is enrolled in the cloud console:

 

Symantec Cloud API gateway:

https://usea1.r3.securitycloud.symantec.com

 

Cloud storage services; Used for the secure upload of large data files to the cloud. If this URL is blocked, Symantec Endpoint Protection Manager cannot upload device, device group, and events information to the cloud.

https://storage.googleapis.com (14.3 RU2 and earlier)

https://uploads.sep.securitycloud.symantec.com (14.3 RU3 or later)

 

Cloud notification service (SPOC):

https://us.spoc.securitycloud.symantec.com

Powered by Wolken Software