SEP 12.1 - Client Activity: Push or Pull?
I have SEP and I have quite a few different DMZ arms. I'd like to use a single management console, however I can only really do that if the content and policy update proceses are on a "push" delivery method from the management console. I plan on using an individual GUP for each arm of my DMZ (each arm has a different subnet) which covers the content but the policies and informational updates are something I can't quite find any info on. I know that the policies come directly from the SEPM and do not proxy off the GUP.
IIRC from SEP 11 these are the client related ports:
- 80 - Client-Manager Comm
- 443 - Client-Manager Comm
- 2967 - Something related to the Update Providers
- 8014 - Client-Manager Comm
What I am specifically looking for, is information relating to the direction of the communication initiation. For example, if the clients attempt to update policy via port 80, this would not work for my company's audit regulations as an untrusted zone would be initiating communication back into a trusted zone. In this instance I would most likely have to create a seperate SEP in the DMZ arm.
So quick summary, I have three basic questions:
- GUP activity: Do the GUPs intitiate requests to the SEPM for content?
- Policy Activity: Do the clients initiate requests to the SEPM for policy?
- If the clients initiate all conversations, is there a way to specify that the SEPM pushes the policies and content instead of the clients requesting the push?
Thanks in advance.