Technote (FAQ)
Question
Which firewall rules should be in place to ensure that IBM Security Systems and Lotus Protector for Mail Security products can obtain updates?
Answer
IBM Security Systems (ISS) products contact various Update Servers within the IBM Security Systems infrastructure to receive content and product updates. In most customer environments, specific firewall rules are required to allow this communication. If these rules are not in place, it is likely those IBM Security Solutions products will not be able to update.
Please visit Technote #1625720 for full details.
The following firewall rules should be in place to ensure updates are successful:
- xpu.iss.net - port 443
- update.iss.net - port 443
- download.iss.net - port 443
- www.iss.net - port 443, port 80
- filterdb.iss.net - port 443
- esdhttp.flexnetoperations.com - port 443
- ibmxpu.flexnetoperations.com - port 443
- ibmdownload.flexnetoperations.com - port 443
- 64.14.29.0/24 - port 443 (Hosted by Flexera Software)
- 64.27.162.0/24 - port 443 (Hosted by Flexera Software)
- portal.mss.iss.net 443 (Only for On-Demand Service customers)
- services.iss.net 443 (Only for AlertCon notification and On-Demand Service customers)
For Proventia Network Mail Security and Lotus Protector for Mail Security only:
- license.cobion.com - port 443
- dnsblserver.cobion.com - UDP and TCP port 53 (zone transfers for the DNSBL zone dnsbl.cobion.com)
- update*.cobion.com - port 443 (currently there are the following hosts: update1, update2, update3, update5 and update7)
If the above information does not resolve your issue, please contact IBM Security Systems Technical Support.
| Segment | Product | Component | Platform | Version | Edition |
|---|---|---|---|---|---|
| Security | IBM Security Host Protection | Not Applicable | AIX, HP-UX, Linux, Windows | 2.2.2, 7.0 - SR 4.1, 7.0 - SR 4.2, 7.0 - SR 4.3, 7.0 - SR 4.4, 1.0.0 | All Editions |
| Security | IBM Security Virtual Server Protection for VMware | Firmware | 1.0, 1.1, 1.1.0.1 | All Editions | |
| Security | Internet Scanner Software | Windows | 7.0.2 | All Editions | |
| Security | Proventia Desktop Endpoint Security | Windows | 8.0, 9.0, 10.0, 10.1 | All Editions | |
| Security | Proventia Endpoint Secure Control | Not Applicable | Windows | 1.0, 1.0.2 | All Editions |
| Security | Proventia Management SiteProtector System | Windows | All Editions | ||
| Security | Proventia Network Enterprise Scanner | Firmware | 1.4, 2.1, 2.2, 2.3 | All Editions | |
| Security | Proventia Network Intrusion Prevention System | Firmware | 1.0, 1.5, 1.6, 1.7, 1.8, 2.3, 2.4, 2.5, 3.1, 3.2, 3.3, 4.1, 4.2, 4.3, 4.4, 4.5 | All Editions | |
| Security | Proventia Network Intrusion Prevention System for Crossbeam | Firmware | 2.0 | All Editions | |
| Security | Proventia Network Mail Filter | Windows | 2.5, 2.5.2 | All Editions | |
| Security | Proventia Network Mail Security System | Firmware | 1.8, 2.4, 2.5, 2.5.1, 2.6, 2.5.0.2, 2.8 | All Editions | |
| Security | Proventia Network Multi-Function Security | Firmware | 3.14, 3.15, 4.1, 4.2, 4.3, 4.4 | All Editions | |
| Security | Proventia Virtualized Network Security Platform | Firmware | 3.1, 3.3, 4.1, 4.3, 4.4, 4.5 | All Editions | |
| Security | RealSecure Network Sensor | Linux, Windows | 7.0 | All Editions | |
| Security | Proventia Network Security Controller | Firmware | 1.0 | All Editions | |
| Security | Proventia Network Intrusion Detection System | Firmware | 1.4 | All Editions | |
| Security | IBM Security Network Protection | Firmware | 5.0 | All Editions | |
| Security | Tivoli Federated Identity Manager | AIX, Linux, Solaris, Windows, HP-UX | 6.2.2 | Advanced | |
| Security | IBM RealSecure Server Sensor for Windows | All Editions | |||
| Security | IBM RealSecure Server Sensor for Solaris | All Editions | |||
| Security | IBM RealSecure Server Sensor for HP-UX | All Editions | |||
| Security | IBM RealSecure Server Sensor for AIX | All Editions | |||
| Security | Proventia Network Mail Filter | All Editions | |||
| Security | Proventia Network Mail Security System | All Editions | |||
| Security | Proventia Web Filter | All Editions | |||
| Security | Lotus Protector for Mail Security | All Editions |
Historical Number
5573
Product Alias/Synonym
IBM Proventia Network IDS - A
IBM Proventia Network IPS - G
IBM Proventia Network MFS - M
SiteProtector Security Fusion Module
SiteProtector Event Collector
Proventia Network Mail Security
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.