You're configuring a Symantec Endpoint Protection Manager (SEPM) in an environment with a perimeter network device that restricts access to the Internet. You need to know which URLs the SEPM needs access to in order for all functions of the console to work normally.
The following URLs are used by the SEPM to connect for definition engine and content updates (LiveUpdate):
If access to the two update sites is not available, then some other type of definition update method will need to be implemented. Options here include updating from a LiveUpdate Administrator server within your network, or updating from a JDB file. Please refer to the available documentation: Choose a distribution method to update content on clients.
Additionally, the following URLs are used for the retrieval of information about the latest definitions from Symantec. If access to these URLs is not available, then definition information from Symantec will not be available on the SEPM Home Page, and expanded details regarding threats found in the environment will also not be available. There is currently no alternate method for obtaining this Security Response data, however this does not represent a critical lack of functionality for the SEPM.
The following URLs are used for telemetry:
The following URL is used to activate the license, and to verify if the license being used is current and active:
Additional URLs to allow if the Symantec Endpoint Protection Manager is enrolled in the cloud console:
Symantec Cloud API gateway:
Cloud storage services; Used for the secure upload of large data files to the cloud. If this URL is blocked, Symantec Endpoint Protection Manager cannot upload device, device group, and events information to the cloud.
https://storage.googleapis.com (14.3 RU2 and earlier)
https://uploads.sep.securitycloud.symantec.com (14.3 RU3 or later)
Cloud notification service (SPOC):