What are the firewall settings for Scanner Appliance?

The Scanner Appliance needs to be able to communicate with the Holm Security VMP cloud platform. For this, the following firewall settings are required and are specific per datacenter.

General requirements

For security reasons, we require the Scanner appliance to use one single source IP for outbound public access.  

Sweden, Stockholm 

Outgoing communication over the following ports:

  • 443
  • 8022

Outgoing communication to the following network:

  • IPv4: 185.163.84.0/22
    • If /22 is too large to grant access for, then use the following: 185.163.84.0/24 and 185.163.85.0/24
  • IPv6: 2a0b:6800::/29

Incoming communication:

  • 40000 - 41000 (available from Revision 41+)
    • Only required to run Active remote vulnerability tests (like certain log4j)  

Test connection

To test the connection from your local network, connect using a SSH client over port 8022 against 185.163.84.80 and with wget/curl against 185.163.84.90 on port 8022 (should return Error 406).

Outbound IP network access for 3rd party services:

NOTE; All these service endpoints are configurable, but are required for the system to work properly

  • NTP: UDP 123
  • DNS: TCP/UDP 53

Malaysia, Kuala Lumpur

Outgoing communication over the following ports:

  • 443
  • 8022

Outgoing communication to the following network:

  • 47.254.201.3
  • 47.254.215.77
  • 185.163.84.50
  • 185.163.84.90
  • 185.163.85.24

Incoming communication:

  • 40000 - 41000 (available from Revision 41+)
    • Only required to run Active remote vulnerability tests (like certain log4j)  

Test connection

To test the connection from your local network, connect using a SSH client over port 8022 against 47.254.215.77 and with wget/curl against 185.163.84.90 OR 185.163.85.24 on port 8022 (should return Error 406).

Outbound IP network access for 3rd party services:

NOTE; All these service endpoints are configurable, but are required for the system to work properly

  • NTP: UDP 123
  • DNS: TCP/UDP 53
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.