General

What are the firewall settings for the Scanner Appliance?

The Scanner Appliance needs to be able to communicate with the Holm Security VMP cloud platform. For this, the following firewall settings are required.

For security reasons, we require the Scanner Appliance to use one single source IP address for outbound public access.  

Important when scanning across subnets

If you are performing scans on a different subnet within your environment, it is important to allow the local IP address of the Scanner Appliance in your firewall settings for communication with the target subnet.

Ports

Allow outgoing communication over the following ports:

  • 443
  • 8022

Network

Allow outgoing communication to the following network:

  • IPv4: 185.163.84.0/22
    If a /22 network is too large to grant access to, please use the following:
    185.163.84.0/24 and 185.163.85.0/24
  • IPv6: 2a0b:6800::/29

Test the connection

You can test the communication from the Scanner Appliance by running a connectivity test from the Scanner Appliance interface. To do so, read this article:
https://support.holmsecurity.com/knowledge/how-do-i-run-a-connectivity-test-for-the-scanner-appliance

To test the connection manually from your local network, connect with an SSH client to 185.163.84.80 on port 8022, and with wget/curl to 185.163.84.90 on port 8022 (this should return "Error 406").
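
The following is an added example, not Holm Security code: it audits firewall log records against the ports, networks and single-source-address requirement listed above. The record layout `(nat_source, destination, port, action)`, the function names and the sample addresses are assumptions made for illustration; `narrow=True` models the two /24 networks instead of the /22.

```python
import ipaddress

# Ports and networks exactly as listed in the article above.
PORTS = {443, 8022}
V6 = ipaddress.ip_network("2a0b:6800::/29")
WIDE = [ipaddress.ip_network("185.163.84.0/22"), V6]
NARROW = [ipaddress.ip_network("185.163.84.0/24"),
          ipaddress.ip_network("185.163.85.0/24"), V6]


def is_platform_destination(dst, port, narrow=False):
    """True if dst:port is a flow the appliance must be allowed to open."""
    addr = ipaddress.ip_address(dst)
    return port in PORTS and any(addr in net for net in (NARROW if narrow else WIDE))


def audit_egress(records, narrow=False):
    """Check (nat_source, destination, port, action) firewall log records.
    Reports platform flows that were not allowed, and platform traffic that
    left from more than one public source address per IP family.
    """
    findings = []
    sources = {4: set(), 6: set()}
    for nat_src, dst, port, action in records:
        if not is_platform_destination(dst, port, narrow):
            continue  # not platform traffic, out of scope for this check
        sources[ipaddress.ip_address(dst).version].add(nat_src)
        if action != "allow":
            findings.append(f"required flow to {dst}:{port} not allowed (action={action})")
    for version, seen in sources.items():
        if len(seen) > 1:
            findings.append(f"IPv{version}: multiple public source addresses: "
                            + ", ".join(sorted(seen)))
    return findings


# Constructed sample records; NAT sources are documentation addresses.
SAMPLE = [
    ("203.0.113.10", "185.163.84.80", 8022, "allow"),
    ("203.0.113.10", "185.163.84.90", 8022, "allow"),
    ("203.0.113.11", "185.163.85.17", 443, "allow"),  # second NAT address
    ("203.0.113.10", "185.163.86.5", 443, "deny"),    # in the /22, outside both /24s
    ("2001:db8::10", "2a0b:6800::1", 443, "allow"),
    ("203.0.113.10", "198.51.100.7", 443, "allow"),   # unrelated traffic, ignored
]

if __name__ == "__main__":
    for finding in audit_egress(SAMPLE):
        print(finding)
```

With the sample records, the /22 view reports the denied flow to 185.163.86.5 and the second IPv4 source address; the /24 view treats 185.163.86.5 as out of scope and reports only the source address.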