Cisco Cisco Email Security Appliance X1070 User Guide

80

HTTP

Out

cdn-microupdates.cloud
mark.com 

Used for updates to third-party spam 
component in Intelligent MultiScan. 
Appliance must also connect to CIDR 
range 208.83.136.0/22 for third-party 
phone home updates.

82

HTTP

In

AsyncOS IPs

Used for viewing the Cisco Anti-Spam 
quarantine.

83

HTTPS

In

AsyncOS IPs

Used for viewing the Cisco Anti-Spam 
quarantine.

110

TCP

Out

POP Server

POP authentication for end users for 
Cisco Spam Quarantine

123

UDP

In & Out

NTP Server

NTP if time servers are outside 
firewall.

143

TCP

Out

IMAP Server

IMAP authentication for end users for 
Cisco Spam Quarantine

161

UDP

In

AsyncOS IPs

SNMP Queries

162

UDP

Out

Management Station

SNMP Traps

389 

3268

LDAP

Out

LDAP Servers

LDAP if LDAP directory servers are 
outside firewall. LDAP authentication 
for Cisco Spam Quarantine

636
3269

LDAPS

Out

LDAPS

LDAPS — ActiveDirectory’s Global 
Catalog Server (uses SSL)

443

TCP

In

AsyncOS IPs

Secure HTTP (

https

) access to the 

GUI for system monitoring.

443

TCP

Out

res.cisco.com

Cisco Registered Envelope Service

443

TCP

Out

updates-manifests.ironpo
rt.com

Verify the latest files for the update 
server. 

443

TCP

Out

phonehome.senderbase.or
g

Receive/Send Outbreak Filters

514

UDP/TCP

Out

Syslog Server

Syslog logging

628

TCP

In

AsyncOS IPs

QMQP if injecting email from outside 
firewall.

1024 
and 
higher 

—

—

—

See information above for Port 21 
(FTP.)

2222

CCS

In & Out

AsyncOS IPs

Cluster Communication Service (for 
Centralized Management).

6025

TCP

Out

AsyncOS IPs

Cisco Spam Quarantine

7025

TCP 

In & Out

AsyncOS IPs 

Pass policy, virus, and outbreak 
quarantine data between Email 
Security appliances and the Cisco 
Content Security Management 
appliance when this feature is 
centralized.