Endpoint Protection

 View Only
  • 1.  Unmanaged in the DMZ

    Posted Feb 16, 2010 12:34 AM
    Hello Team,
    If I have a server in the DMZ running Unmanaged,
    do I still need to open port 8014?

    What port does live update in this case require?

    Thanks! 


  • 2.  RE: Unmanaged in the DMZ
    Best Answer

    Posted Feb 16, 2010 12:42 AM
    8014 is the port for communicating with SEPM so it is not applicable in case of unmanaged.
    Refer this doc you will get the idea
    How to determine whether your firewall is blocking LiveUpdate 


  • 3.  RE: Unmanaged in the DMZ

    Posted Feb 16, 2010 01:09 AM
     When configuring a firewall operating between the SEP client in DMZ and SEPM in local LAN it is necessary to allow on the firewall only one of the two ports: HTTP 8014/80 or HTTPS 443, which is answering the security standards and it is limiting open ports to necessary minimum. Limited number of open ports is allowing the firewall Administrator to monitor the communication and create appropriate rules on the application level granting only to SEP processes the rights to use dedicated open ports.

    Cheers
    Grant


  • 4.  RE: Unmanaged in the DMZ

    Broadcom Employee
    Posted Feb 16, 2010 01:17 AM

    apart from the above suggestions, yopu may need to check if replication is there to be enabled in your network, you may need to open port 8443 as well.

     

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007090614430148



  • 5.  RE: Unmanaged in the DMZ

    Posted Feb 16, 2010 01:18 AM
    He is telling about unmanaged client ."DMZ running Unmanaged," 


  • 6.  RE: Unmanaged in the DMZ

    Broadcom Employee
    Posted Feb 16, 2010 01:48 AM
    hi,

    yes, sorry for reading it otherwise.


  • 7.  RE: Unmanaged in the DMZ

    Posted Feb 16, 2010 11:37 AM
     That really helped!
    Thanks again!