What is the firewall configuration requirement for F-Secure Rapid Detection Service (RDS) network sensor?
As the device needs to call the RDS backend for collection and management purposes, you must allow connections to the following hosts:
Should there be no way of whitelisting on a per-domain basis, IP addresses are provided below:
- doorman.sc.fsapi.com over TCP port 443
- lorsp.sc.fsapi.com over TCP port 443
- lorsp.sc2.fsapi.com over TCP port 443
- por1-timon-alpha02.sp.f-secure.com over TCP ports 4505 and 4506
- time.f-secure.com over UDP port 123
Note: The IP addresses can change due to modifications to the backend environment; use the command dig +noall +answer <domain.to.check> (Linux) or nslookup <domain.to.check> (Windows) to get the IP address to which the domain <domain.to.check> resolves.
- 188.8.131.52 over TCP port 443
- 184.108.40.206, 220.127.116.11, 18.104.22.168 over TCP port 443
- 22.214.171.124 over TCP ports 4505 and 4506
- 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11 over UDP port 123
Article no: 000003525