Firewall Rules Necessary to Ensure IBM Security Systems and Lotus Protector for Mail Security Products Can Update

Technote (FAQ)


Question

Which firewall rules should be in place to ensure that IBM Security Systems and Lotus Protector for Mail Security products can obtain updates?

Answer

IBM Security Systems (ISS) products contact various Update Servers within the IBM Security Systems infrastructure to receive content and product updates. In most customer environments, specific firewall rules are required to allow this communication. If these rules are not in place, it is likely those ISS products will not be able to update.
Please visit Technote #1625720 for full details.


The following firewall-allow rules should be in place to ensure security content updates are successful:

esdhttp.flexnetoperations.com - port 443
esdhttp-dr.flexnetoperations.com - port 443
ibmdownload.flexnetoperations.com - port 443
ibmdownload-dr.flexnetoperations.com - port 443
ibms-ibmxpu.flexnetoperations.com -port 443
ibms-issupdate.flexnetoperations.com - port 443
ibms-issxpu.flexnetoperations.com - port 443
ibmxpu.flexnetoperations.com - port 443
ibmxpu-dr.flexnetoperations.com - port 443
update.iss.net - port 443
update.xforce-security.com - port 443
xpu.iss.net - port 443

NOTE : For ip-based firewall rules, the below range covers all the updating and licensing servers mentioned above.

64.14.29.0/24 - port 443 (Hosted by Flexera Software)
64.27.162.0/24 - port 443 (Hosted by Flexera Software)


For the Onetrust licensing system, please add the following rule:

onetrust.iss.net - port 443 (IP 170.226.62.18)


For Proventia M/MX products that require filterDB updates:

filterdb.iss.net - port 443


For Proventia XGS products:

update.xforce-security.com - port 443 (IP 5.153.55.164, 50.23.177.148 and 108.168.233.61)
license.xforce-security.com - port 443 (IP 5.153.55.165, 50.23.177.149 and 108.168.233.60)


For documentation features in Site Protector:

www.iss.net - port 443, port 80


For on-Demand Service customers, the following rule should be added as well:

portal.mss.iss.net 443


For AlertCon notifications, the following rule should be added as well:

SiteProtector 2.9 or lower: services.iss.net 443
SiteProtector 3.0 and above: Flexera Download servers listed above


For Proventia Network Mail Security and Lotus Protector for Mail Security only:

license.cobion.com - port 443
dnsblserver.cobion.com - UDP and TCP port 53 (zone transfers for the DNSBL zone dnsbl.cobion.com)
update*.cobion.com - port 443 (currently there are the following hosts: update1, update2, update3, pdate5 and update7)


If the above information does not resolve your issue, please contact IBM Security Systems Customer Support.

Cross reference information
Segment Product Component Platform Version Edition
Security IBM Security Host Protection Proventia Server Linux, Windows 2.2.2, 1.5.0, 2.2 All Editions
Security IBM Security Virtual Server Protection for VMware Firmware 1.0, 1.1, 1.1.0.1 All Editions
Security Internet Scanner Software Windows 7.0.2 All Editions
Security Proventia Desktop Endpoint Security Windows 8.0, 9.0, 10.0, 10.1 All Editions
Security IBM Security SiteProtector System Windows All Editions
Security Proventia Network Enterprise Scanner Firmware 1.4, 2.1, 2.2, 2.3 All Editions
Security Proventia Network Mail Security System Firmware 1.8, 2.4, 2.5, 2.5.1, 2.6, 2.5.0.2, 2.8 All Editions
Security Proventia Network Multi-Function Security Firmware 3.14, 3.15, 4.1, 4.2, 4.3, 4.4 All Editions
Security IBM Security Network Protection Firmware 5.0 All Editions
Security IBM RealSecure Server Sensor for Windows All Editions
Security IBM RealSecure Server Sensor for Solaris All Editions
Security IBM RealSecure Server Sensor for HP-UX All Editions
Security IBM RealSecure Server Sensor for AIX All Editions
Security Proventia Network Mail Security System All Editions
Security Lotus Protector for Mail Security All Editions

Historical Number

5573

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

IBM Security Network Intrusion Prevention System

Software version:

1.8, 2.5, 3.3, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6

Operating system(s):

Firmware

Reference #:

1437057

Modified date:

2013-02-22

Translate my page

Machine Translation

Content navigation