Communication Ports Requirements - Cisco 7010 Installation Manual

Firepower 7000 Series; Firepower 8000 Series
Security, Internet Access, and Communication Ports
Table 1-6 Firepower System Feature Internet Access Requirements (continued)

Feature: FireAMP integration
  Internet access is required to: receive endpoint-based (FireAMP) malware events from the Collective Security Intelligence Cloud.
  Appliances: Management Center

Feature: intrusion rule, VDB, and GeoDB updates
  Internet access is required to: download or schedule the download of an intrusion rule, GeoDB, or VDB update directly to an appliance.
  Appliances: Management Center

Feature: network-based AMP
  Internet access is required to: perform malware cloud lookups.
  Appliances: Management Center

Feature: RSS feed dashboard widget
  Internet access is required to: download RSS feed data from an external source, including Cisco.
  Appliances: Any except virtual devices and ASA FirePOWER

Feature: Security Intelligence filtering
  Internet access is required to: download Security Intelligence feed data from an external source, including the Firepower System Intelligence Feed.
  Appliances: Management Center

Feature: system software updates
  Internet access is required to: download or schedule the download of a system update directly to an appliance.
  Appliances: Any except virtual devices and ASA FirePOWER

Feature: URL Filtering
  Internet access is required to: download cloud-based URL category and reputation data for access control, and perform lookups for uncategorized URLs.
  Appliances: Management Center

Feature: whois
  Internet access is required to: request whois information for an external host.
  Appliances: Any except virtual devices and ASA FirePOWER

Communication Ports Requirements

Firepower System appliances communicate using a two-way, SSL-encrypted communication channel, which by default uses port 8305/tcp. The system requires that this port remain open for basic intra-appliance communication. Other open ports allow:

  - access to an appliance's web interface
  - secure remote connections to an appliance
  - certain features of the system to access the local or Internet resources they need to function correctly

In general, feature-related ports remain closed until you enable or configure the associated feature. For example, until you connect the Firepower Management Center to a User Agent, the agent communications port (3306/tcp) remains closed. As another example, port 623/udp remains closed on 7000 and 8000 Series appliances until you enable LOM.

Caution: Do not close an open port until you understand how this action will affect your deployment. For example, closing port 25/tcp (SMTP) outbound on a managed device blocks the device from sending email notifications for individual intrusion events (see the Firepower Management Center Configuration Guide). As another example, you can disable access to a physical managed device's web interface by closing port 443/tcp (HTTPS), but this also prevents the device from submitting suspected malware files to the cloud for dynamic analysis.

Chapter 1    Introduction to the Firepower System
Firepower 7000 and 8000 Series Installation Guide
1-14
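The port rules in this section (8305/tcp always open; 3306/tcp, 623/udp and 443/tcp open only while their feature is in use; 25/tcp and 443/tcp outbound carrying side effects when blocked) can be turned into a simple audit that an operator runs against a listening-port snapshot before and after changing a firewall rule. The script below is an added example written for this page; it is not Cisco's code and not part of the installation guide. The feature names (`user_agent`, `lom`, `web_interface`), the `ss -lntu`-style snapshot text, and the severity labels are assumptions made for the example; only the port numbers and their meanings come from the guide.

```python
"""Audit a Firepower appliance's listening ports against the rules stated in
the installation guide.  Added example, not Cisco's tooling.

Assumptions (not from the guide): the listening-port snapshot is text in the
shape of `ss -lntu` output (here a constructed sample), and the operator
supplies the set of enabled features by the names used in FEATURE_PORTS."""
import re
from dataclasses import dataclass

# Always required: the two-way SSL channel between appliances (8305/tcp).
ALWAYS_REQUIRED = {("tcp", 8305)}

# Feature-related ports that should be open only while the feature is enabled.
# Feature names are this example's own labels, not product configuration keys.
FEATURE_PORTS = {
    "user_agent": {("tcp", 3306)},    # Management Center <-> User Agent
    "lom": {("udp", 623)},            # Lights-Out Management, 7000/8000 Series
    "web_interface": {("tcp", 443)},  # HTTPS web interface on a managed device
}

# Outbound ports whose closure has the side effects described in the caution.
OUTBOUND_DEPENDENCIES = {
    ("tcp", 25): "email notifications for individual intrusion events",
    ("tcp", 443): "submission of suspected malware files for dynamic analysis",
}

# Constructed sample in the shape of `ss -lntu` output (not captured from a real device).
SAMPLE_SNAPSHOT = """\
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:8305        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:3306        0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:623         0.0.0.0:*
"""

# netid, state, recv-q, send-q, local address ending in :port
SS_LINE = re.compile(r"^(tcp|udp)\s+\S+\s+\S+\s+\S+\s+\S*:(\d+)(?:\s|$)")


@dataclass(frozen=True)
class Finding:
    severity: str
    proto: str
    port: int
    message: str


def parse_listening(snapshot):
    """Return the set of (proto, port) pairs found in an ss-style snapshot."""
    ports = set()
    for line in snapshot.splitlines():
        m = SS_LINE.match(line.strip())
        if m:
            ports.add((m.group(1), int(m.group(2))))
    return ports


def audit(listening, enabled_features, outbound_blocked=()):
    """Compare observed listening ports with the guide's rules.

    listening        -- set of (proto, port) currently open on the appliance
    enabled_features -- set of feature names from FEATURE_PORTS that are in use
    outbound_blocked -- (proto, port) pairs the operator plans to block outbound
    """
    findings = []
    # 1. The intra-appliance channel must always be listening.
    for proto, port in sorted(ALWAYS_REQUIRED):
        if (proto, port) not in listening:
            findings.append(Finding("critical", proto, port,
                                    "required intra-appliance port is not listening"))
    # 2. Feature ports should track the feature's enabled state in both directions.
    for feature, ports in FEATURE_PORTS.items():
        for proto, port in sorted(ports):
            is_open = (proto, port) in listening
            if is_open and feature not in enabled_features:
                findings.append(Finding("warning", proto, port,
                                        f"open but feature '{feature}' is not enabled"))
            elif not is_open and feature in enabled_features:
                findings.append(Finding("warning", proto, port,
                                        f"feature '{feature}' is enabled but port is not listening"))
    # 3. Flag outbound blocks that silently disable a documented function.
    for proto, port in outbound_blocked:
        dep = OUTBOUND_DEPENDENCIES.get((proto, port))
        if dep:
            findings.append(Finding("info", proto, port,
                                    f"blocking this outbound port disables {dep}"))
    return findings


if __name__ == "__main__":
    observed = parse_listening(SAMPLE_SNAPSHOT)
    for f in audit(observed, {"web_interface"}, outbound_blocked=[("tcp", 25)]):
        print(f"[{f.severity}] {f.port}/{f.proto}: {f.message}")
```

On the constructed sample the audit reports 3306/tcp and 623/udp as open without their features enabled, 443/tcp as missing although the web interface is expected to be in use, and notes that blocking 25/tcp outbound disables intrusion-event email notifications. Replace `SAMPLE_SNAPSHOT` with the output of `ss -lntu` captured on the appliance and adjust `enabled_features` to match the deployment.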
