Certain features of the appliance require a small amount of pre-work. We have endeavoured to create a platform that requires zero client footprint – no agents, and no leave-behinds on your endpoints. To make that possible, however, we require the ability to remotely administer these endpoints. Luckily, this is easily accomplished and is a one-time effort.
The salient points are as follows:
- Network-based firewalls or Intrusion Prevention systems must allow communication from the appliance to your endpoints.
- Local firewalls or Endpoint Protection applications must also allow for communication from the appliance.
- The simplest method to ensure connectivity through your Endpoint Protection product is to add a firewall and/or complete exception from the appliance’s IP address to all endpoints over all ports and through all protections.
- Windows Inventory processes typically communicate over TCP ports 135, 139 and 445 (WMI, RPC, SMB) and UDP ports 137 and 138 (NetBIOS). Windows Inventory communicates over those ports using the following “services” (to ensure these services respond to our inventory, please refer to Appendix 1.2 – Allowing Inventory services using Group Policy…):
  - WMI
  - Remote Procedure Calls (RPC)
  - SMB (CIFS)
- OSX, Linux and Solaris Inventory processes are carried out over SSH (TCP port 22)
- SNMP Inventory processes are carried out over UDP ports 161 and/or 162
- VMware vCenter Inventory processes are carried out over HTTPS (TCP port 443)
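
To confirm that the firewall changes above took effect, the following preflight check can be run from a host in the same network position as the appliance. It is an added example, not part of the product or its documentation; the function names, the inventory-type keys and the sample addresses are assumptions made for illustration, and only the port numbers come from the list above.

```python
import socket

# TCP ports per inventory type, copied from the list above.
TCP_PORTS = {
    "windows": [135, 139, 445],  # RPC/WMI, NetBIOS session, SMB
    "unix": [22],                # OSX, Linux and Solaris over SSH
    "vcenter": [443],            # VMware vCenter over HTTPS
}
# UDP ports from the same list. UDP is connectionless, so a silent port cannot
# be told apart from a filtered one; these are reported, not probed.
UDP_PORTS = {"windows": [137, 138], "snmp": [161, 162]}

def tcp_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable, or name not resolved
        return False

def preflight(host, kind, timeout=2.0, tcp_ports=None):
    """Check the TCP ports for one inventory type; tcp_ports overrides the table."""
    if kind not in TCP_PORTS and kind not in UDP_PORTS:
        raise ValueError(f"unknown inventory type: {kind}")
    ports = TCP_PORTS.get(kind, []) if tcp_ports is None else tcp_ports
    tcp = {p: tcp_open(host, p, timeout) for p in ports}
    return {
        "host": host,
        "kind": kind,
        "tcp": tcp,
        "blocked": [p for p, ok in tcp.items() if not ok],
        "udp_unverified": UDP_PORTS.get(kind, []),
    }

def report(result):
    """Format one preflight result as a single status line."""
    status = "OK" if not result["blocked"] else f"BLOCKED tcp/{result['blocked']}"
    udp = f" (check udp/{result['udp_unverified']} manually)" if result["udp_unverified"] else ""
    return f"{result['host']} [{result['kind']}]: {status}{udp}"

if __name__ == "__main__":
    # Constructed sample endpoints (192.0.2.0/24 is a documentation range).
    endpoints = [("192.0.2.10", "windows"), ("192.0.2.20", "unix"),
                 ("192.0.2.30", "vcenter"), ("192.0.2.40", "snmp")]
    for host, kind in endpoints:
        print(report(preflight(host, kind, timeout=1.0)))
```

A port listed as blocked points at either a network firewall or IPS between the appliance and the endpoint, or the endpoint's local firewall or Endpoint Protection product.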