Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

IP address to exclude from firewall to allow Deep Security Manager (DSM) to Deep Security Agent (DSA) communication

    • Updated:
    • 4 Jun 2014
    • Product/Version:
    • Deep Security as a Service 2.0
    • Platform:
    • Windows 2008 Server R2
Summary
This article discusses which IP address to exclude from your firewall to all DSM to DSA communication.
Details
Public
In Deep Security as a Service (DSaaS), the preferred communication direction is Agent-initiated communication. This means that the Agent contacts the DSM at a given heartbeat. All policies done from the DSM console will be fetched by the Agent on the next heartbeat via port 443.
There are some administrators who want to use bidirectional communication direction. This means that the Agent initiates the heartbeat but listens to port 4118 for DSM connections. The DSM is also able to contact the Agent to perform operations as required. This allows the DSM to apply changes to the security configuration to Agent/appliance immediately as they occur.
To allow the DSM to push the policy or secuirty configuration to the Agent, the following should be allowed on your firewall:
Note: Consult your network administrator on how to whitelist the traffic to the firewall.
Source IP Address: 54.221.196.0/24
Destination IP: IP address/range of machines with DSA
Destination port: 4118
Premium
Internal
Rating:
Category:
Configure; Troubleshoot
Solution Id:
1103762
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.