Firewall ports

• Backup & Restore using a standard FTP server.

• Export of transaction logs using a standard FTP server.

• Backup & Restore using a standard FTP server.

• Export of transaction logs using a standard FTP server.

• Backup & Restore using SFTP.

• Export of transaction logs using SFTP.

• Connecting with a server containing lexical data for import using SFTP.

• SSH access to the Gateway.

• Inbound SMTP.

• Outbound SMTP.

  (If your system uses an alternative port, open that instead.)

• DNS access to TRUSTmanager.

• DNS requests using DNS servers.

  (Only allow outbound requests to the specified DNS servers, and responses from those servers.)

• HTTP access to the Junk Email and Malware Detection Servers.

• HTTP access to the policy rule/engine and spam update servers.

• HTTP access to OCSP CRL lookup.

• HTTP access to the RSS Feed from:

  www.clearswift.com

*.mailshell.net

• HTTP access to the Spam Detection statistics from mailshell.

• HTTP access to SpamLogic Rule/Engine updates.

• Access to NTP services (if configured).

• The following server is configured by default:

  2.rhel.pool.ntp.org

• NTLM user authentication when using PMM in Full mode.

• NTLM user authentication when using PMM in Full mode.

• NTLM user authentication when using PMM in Full mode.

• SNMP inbound.

  (The port used by an SNMP browser when scanning the Gateway.)

• SNMP alerts.

• LDAP directory access.

• LDAP Key Server Queries.

• HTTPS access to the PMM interface, if using PMM.

• HTTPS access to the web UI and for communications between Peer Gateways.

• HTTPS Key Server Queries.

• General HTTPS web access.

• HTTPS lexical data import.

• HTTPS access to the Online Help.

• HTTPS access to the update server for TRUSTmanager statistics.

• HTTPS MTA-STS policy file queries.

• HTTPS access to the managed lists, such as the Managed Lexical Expression Lists:

  applianceupdate.clearswift.com

• HTTPS access to Sophos URL Lookup Server:

  4.sophosxl.net

• HTTPS access to Sophos Sandboxing Servers to allow the rendering of sandboxing reports:

  cdn.analysis.sophos.com

• HTTPS access to Sophos Sandboxing Server (port is used for sending potential malware for scanning, and this traffic must not be blocked):

  analysis.sophos.com

  apac.analysis.sophos.com

  au.analysis.sophos.com

  de.analysis.sophos.com

  uk.analysis.sophos.com

  us.analysis.sophos.com

*.fortra.com

• HTTPS access to the Service Availability List.

• HTTPS access to the Update Server for license management.

• HTTPS access to the product and Operating System updates.

• HTTPS access to the Fortra Threat Brain service and its authentication service.

*.clearswift.net

• HTTPS access to the Avira Update Servers for fetching anti-virus updates and software upgrades. (You may also add *.apc.avira.com.)

• HTTPS access to the Sophos Update Servers for fetching anti-virus updates and software upgrades.

• HTTPS access to the SpamAssassin ruleset database.

• HTTPS access to the PhishTank URL database.

• NTLM user authentication when using PMM in Full mode.

• Access to a syslog server (default port for log export).

• LDAPS directory access.

• LDAPS Key Server Queries.

• Backup & Restore using a secure FTP (FTPS) server.

• Export of transaction logs using a secure FTP (FTPS) server.

• Connecting with a server containing lexical data for import using a secure FTP (FTPS) server.

• Backup & Restore using a secure FTP (FTPS) server.

• Export of transaction logs using a secure FTP (FTPS) server.

• Connecting with a server containing lexical data for import using a secure FTP (FTPS) server.

• LDAP connection to an Active Directory Global Catalog port.

• LDAPS connection to an Active Directory Global Catalog port.

• HTTPS connection to Red Hat Cockpit.

• HTTPS Key Server Queries.