Enterprise Firewall Settings
If the nShield Monitor appliance is separated from any of its services or endpoints by a firewall, you must configure the firewall to allow passage of the appropriate IP protocols. For example:
-
Services, such as NTP, DNS, or SMTP server.
-
Endpoints, such as user devices.
The table in this section lists the ports that, at a minimum, you must configure to support connectivity.
Port Configurations
| Protocol | Transport | Port | Direction | Description |
|---|---|---|---|---|
Echo1 |
N/A |
N/A |
Both |
Echo/ICMP Pings |
SSH |
TCP/UDP |
22 |
Inbound |
nShield Monitor Remote Console Management |
HTTPS |
TCP |
443 |
Both |
nShield Monitor Web UI & firmware upgrade |
DNS |
TCP/UDP |
53 |
Outbound |
nShield Monitor Web UI & firmware upgrade DNS |
NTP |
UDP |
123 |
Outbound |
nShield Monitor utilization of Network Time Protocol |
SNMP |
UDP |
161 |
Outbound |
Monitoring devices via SNMPV3 |
SNMP |
UDP |
162 |
Outbound |
SNMPV3 Notification |
System Log |
UDP |
514 |
Outbound |
Remote system log alerts |
SMTP |
TCP |
25 |
Outbound |
nShield Monitor sending email alerts |
SMTP |
TCP |
465 |
Outbound |
nShield Monitor sending email alerts |
FTP |
TCP |
21 |
Both |
nShield Monitor firmware upgrade option |
HTTP |
TCP/UDP |
80 |
Outbound |
nShield Monitor firmware upgrade option |
Echo Reply |
Both |
ICMP Response (code 0) |
||
Echo Request |
Both |
ICMP Request (code 8) |