Enterprise Firewall Settings

If the nShield Monitor appliance is separated from any of its services (for example, NTP, DNS, SMTP server) or endpoints (for example, users devices) by a firewall, you must configure the firewall to allow passage of the appropriate IP protocols.

The table in this section lists the ports that, at a minimum, you must configure to support connectivity.

Port Configurations

Protocol Transport Port Direction Description

Echo1

N/A

N/A

Both

Echo/ICMP Pings

SSH

TCP/UDP

22

Inbound

nShield Monitor Remote Console Management

HTTPS

TCP

443

Both

nShield Monitor Web UI & firmware upgrade

DNS

TCP/UDP

53

Outbound

nShield Monitor Web UI & firmware upgrade DNS

NTP

UDP

123

Outbound

nShield Monitor utilization of Network Time Protocol

SNMP

UDP

161

Outbound

Monitoring devices via SNMPV3

SNMP

UDP

162

Outbound

SNMPV3 Notification

System Log

UDP

514

Outbound

Remote system log alerts

SMTP

TCP

25

Outbound

nShield Monitor sending email alerts

FTP

TCP

21

Both

nShield Monitor firmware upgrade option

HTTP

TCP/UDP

80

Outbound

nShield Monitor firmware upgrade option

Echo Reply

Both

ICMP Response (code 0)

Echo Request

Both

ICMP Request (code 8)