The Scanner Appliance needs to be able to communicate with the Holm Security VMP cloud platform. This requires the following firewall settings, which are specific to each datacenter.
General requirements
For security reasons, we require the Scanner Appliance to use a single source IP for outbound public access.
Sweden, Stockholm
Outgoing communication over the following ports:
- 443
- 8022
Outgoing communication to the following network:
- IPv4: 185.163.84.0/22
  - If a /22 is too large a range to grant access to, use the following instead: 185.163.84.0/24 and 185.163.85.0/24
- IPv6: 2a0b:6800::/29
Incoming communication:
- 40000 - 41000 (available from Revision 41+)
  - Only required to run Active remote vulnerability tests (such as certain log4j tests)
Test connection
To test the connection from your local network, connect with an SSH client to 185.163.84.80 on port 8022, and with wget/curl to 185.163.84.90 on port 8022 (should return Error 406).
Outbound IP network access for 3rd party services:
NOTE: All these service endpoints are configurable, but they are required for the system to work properly.
- NTP: UDP 123
- DNS: TCP/UDP 53
Malaysia, Kuala Lumpur
Outgoing communication over the following ports:
- 443
- 8022
Outgoing communication to the following network:
- 47.254.201.3
- 47.254.215.77
- 185.163.84.50
- 185.163.84.90
- 185.163.85.24
Incoming communication:
- 40000 - 41000 (available from Revision 41+)
  - Only required to run Active remote vulnerability tests (such as certain log4j tests)
Test connection
To test the connection from your local network, connect with an SSH client to 47.254.215.77 on port 8022, and with wget/curl to 185.163.84.90 OR 185.163.85.24 on port 8022 (should return Error 406).
Outbound IP network access for 3rd party services:
NOTE: All these service endpoints are configurable, but they are required for the system to work properly.
- NTP: UDP 123
- DNS: TCP/UDP 53
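An added example, not Holm Security's own tooling: a Python check that an exported egress allowlist fully covers the outgoing destinations and ports listed above for a datacenter, so gaps show up before the appliance is deployed. The `(cidr, port)` rule format, the function name and the sample rules are assumptions, as is treating every listed destination as needing both ports.

```python
import ipaddress

# Destinations and ports copied from the lists above. The Swedish IPv4 range is
# written as the two /24s the page accepts in place of the /22.
REQUIRED = {
    "Sweden, Stockholm": ["185.163.84.0/24", "185.163.85.0/24", "2a0b:6800::/29"],
    "Malaysia, Kuala Lumpur": ["47.254.201.3", "47.254.215.77", "185.163.84.50",
                               "185.163.84.90", "185.163.85.24"],
}
REQUIRED_PORTS = (443, 8022)

# Constructed sample policy (hypothetical firewall export), not real customer data.
SAMPLE_RULES = [
    ("185.163.84.0/22", 443),
    ("185.163.84.0/24", 8022),
    ("185.163.85.0/25", 8022),
    ("185.163.85.128/25", 8022),
    ("2a0b:6800::/29", 443),
]


def missing_egress(datacenter, rules):
    """Return (destination, port) pairs that the egress rules do not fully allow.

    rules: iterable of (cidr, port) pairs (assumed export format).
    """
    gaps = []
    for port in REQUIRED_PORTS:
        allowed = {4: [], 6: []}
        for cidr, rule_port in rules:
            if rule_port == port:
                net = ipaddress.ip_network(cidr, strict=False)
                allowed[net.version].append(net)
        # Merge adjacent rules so that, e.g., two /25s count as covering a /24.
        merged = {v: list(ipaddress.collapse_addresses(n)) for v, n in allowed.items()}
        for dest in REQUIRED[datacenter]:
            need = ipaddress.ip_network(dest)  # a bare address becomes a /32
            if not any(need.subnet_of(a) for a in merged[need.version]):
                gaps.append((dest, port))
    return gaps


if __name__ == "__main__":
    for dc in REQUIRED:
        for dest, port in missing_egress(dc, SAMPLE_RULES):
            print(f"{dc}: no outbound rule for {dest} port {port}")
```

An empty result means the allowlist covers the listed destinations; it does not replace the SSH and wget/curl connection test described above.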