What is the firewall configuration requirement for F-Secure Rapid Detection Service (RDS) network sensor?

Issue:

What is the firewall configuration requirement for F-Secure Rapid Detection Service (RDS) network sensor?

Resolution:

As the device needs to call the RDS backend for collection and management purposes, you must allow connections to the following hosts:

  • doorman.sc.fsapi.com over TCP port 443
  • lorsp.sc.fsapi.com over TCP port 443
  • lorsp.sc2.fsapi.com over TCP port 443
  • por1-timon-alpha02.sp.f-secure.com over TCP ports 4505 and 4506
  • time.f-secure.com over UDP port 123
Should there be no way of whitelisting on a per-domain basis, IP addresses are provided below:
  • 52.211.24.218 over TCP port 443
  • 52.30.135.216, 52.214.234.48, 34.251.224.248 over TCP port 443
  • 46.228.134.213 over TCP ports 4505 and 4506
  • 46.228.134.122, 46.228.134.123, 52.211.114.129, 34.241.107.203 over UDP port 123 

Note: The IP addresses can change due to modifications to the backend environment; use the command dig +noall +answer <domain.to.check> (Linux) or nslookup <domain.to.check> (Windows) to get the IP address to which the domain <domain.to.check> resolves.

Article no: 000003525

Pricing & Product Info

For product info and pricing please go to the F-Secure product page

Version history
Revision #:
3 of 3
Last update:
‎07-11-2019 07:14 AM
Updated by: