On-Premise Endpoint

Sophos Enterprise Console Configuring IP addresses for Sophos updates

On-Premise Endpoint requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 1 reply
Subscribers 2 subscribers
Views 6289 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Configuring IP addresses for Sophos updates

Karsten Koepcke over 5 years ago

I'm new to Sophos, have being reading docs, but am still missing something(s).

In our installation, we have to request access through our firewalls.

That requires an IP address and Port #. Port # seem not to be a problem.

What are the IP address supposed to be for the required URLs as per KB111428.

I am able to query our corporate DNS servers to get addresses associated with these links.

Is this the approved method?

I've also been told by support that the IP address are subject the change and that we are advised to verify these once in a while.

That poses a bit of an issue for us as modifying a Firewall request is time consuming and if it happens often enough, security may complain.

Surely I'm missing something here.

Thanks for any guidance.

Karsten

dci.sophosupd.com
d1.sophosupd.com
d2.sophosupd.com
d3.sophosupd.com
dci.sophosupd.net
d1.sophosupd.net
d2.sophosupd.net
d3.sophosupd.net
ocsp.globalsign.com
ocsp2.globalsign.com
crl.globalsign.com
crl.globalsign.net
ocsp.digicert.com
crl3.digicert.com

This thread was automatically locked due to age.

Parents

0 QC over 5 years ago

Hello Karsten,

you are using the on-premise, SEC-managed SESC and not Sophos Central? Please note that only the Update Manager (SUM) on the management server requires access to these sites.

if it happens often enough
Quite a number of services and sites uses CDNs so this is not a Sophos-specific scenario. CDNs normally rely on DNS to present the "nearest" server(s) for a given URL. Nearest depends not (only) on your geo-location but (also) on your ISP - something neither the CDN and even less the service-provider can know or control. Nevertheless server/service addresses aren't changed just for the fun of it thus even if you can't allow connections by name/URL it won't happen often or, in case there's a single address, without sufficient "overlap" of the old and new address.

Christian
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 QC over 5 years ago

Hello Karsten,

you are using the on-premise, SEC-managed SESC and not Sophos Central? Please note that only the Update Manager (SUM) on the management server requires access to these sites.

if it happens often enough
Quite a number of services and sites uses CDNs so this is not a Sophos-specific scenario. CDNs normally rely on DNS to present the "nearest" server(s) for a given URL. Nearest depends not (only) on your geo-location but (also) on your ISP - something neither the CDN and even less the service-provider can know or control. Nevertheless server/service addresses aren't changed just for the fun of it thus even if you can't allow connections by name/URL it won't happen often or, in case there's a single address, without sufficient "overlap" of the old and new address.

Christian
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data