What is the firewall configuration requirement for F-Secure Rapid Detection Service (RDS) network se

Issue:

What is the firewall configuration requirement for F-Secure Rapid Detection Service (RDS) network sensor?

Resolution:

As the device needs to call the RDS backend for collection and management purposes, you must allow connections to the following hosts:

  • doorman.sc.fsapi.com over TCP port 443
  • lorsp.sc.fsapi.com over TCP port 443
  • lorsp.sc2.fsapi.com over TCP port 443
  • por1-timon-alpha02.sp.f-secure.com over TCP ports 4505 and 4506
  • time.f-secure.com over UDP port 123
Should there be no way of whitelisting on a per-domain basis, IP addresses are provided below:
  • 52.211.24.218 over TCP port 443
  • 52.30.135.216, 52.214.234.48, 34.251.224.248 over TCP port 443
  • 46.228.134.213 over TCP ports 4505 and 4506
  • 46.228.134.122, 46.228.134.123, 52.211.114.129, 34.241.107.203 over UDP port 123 

Note: The IP addresses can change due to modifications to the backend environment; use the command dig +noall +answer <domain.to.check> (Linux) or nslookup <domain.to.check> (Windows) to get the IP address to which the domain <domain.to.check> resolves.

Article no: 000003525

Sign In or Register to comment.