Port 80/TCP for Sophos Central Endpoint Protection

Hello everybody,

I am in the process of obtaining my Technican certification for Sophos Central Endpoint & Server Protection and know that ports 80/TCP and 443/TCP must be enabled on the firewall for communication between the endpoint and Sophos Central.

However, as I have seen from the analysis of various log files (e.g. the Windows firewall as part of the update tasks), only 443/TCP is actually used. Is it still necessary to allow port 80/TCP on the firewall for other Sophos services, especially for servers that don't normally need an internet connection?

My question is based on the assumption that we will not use update caches and message relays and that Windows updates, etc. will not be required. It's just a question of knowledge about Sophos Central for me :)

Thank you in advance,
Leon