Cisco Firepower Management Center 4000 Installation Guide

1-8
Cisco NGIPS for Blue Coat X-Series Installation and Configuration Guide
 
Chapter 1 Introduction to Cisco NGIPS for Blue Coat X-Series
Security, Internet Access, and Communication Ports
To safeguard the Defense Center, you should install it on a protected internal network. Although the Defense Center is configured to have only the necessary services and ports available, you must make sure that attacks cannot reach it from outside the firewall.

If the Defense Center and Cisco NGIPS for Blue Coat X-Series reside on the same network, you can connect the management interface on Cisco NGIPS for Blue Coat X-Series to the same protected internal network as the Defense Center. This allows you to securely control Cisco NGIPS for Blue Coat X-Series from the Defense Center.

Regardless of how you deploy your Cisco NGIPS for Blue Coat X-Series managed devices, intra-device communication is encrypted. However, you must still take steps to ensure that communications between Cisco NGIPS for Blue Coat X-Series managed devices cannot be interrupted, blocked, or tampered with; for example, by a distributed denial of service (DDoS) or man-in-the-middle attack.

Also note that specific features of Cisco NGIPS for Blue Coat X-Series require an Internet connection. By default, all Cisco NGIPS for Blue Coat X-Series managed devices are configured to connect directly to the Internet. Additionally, the system requires that certain ports remain open for basic intra-device communication, for secure device access, and so that specific system features can access the local or Internet resources they need to operate correctly.
For more information, see:
  • Internet Access Requirements
  • Communication Ports Requirements
Internet Access Requirements
By default, Cisco NGIPS for Blue Coat X-Series is configured to connect directly to the Internet. For more information, see the FireSIGHT System User Guide.
Note
Cisco NGIPS for Blue Coat X-Series does not support proxy settings.
Communication Ports Requirements
FireSIGHT System appliances communicate using a two-way, SSL-encrypted communication channel, which by default uses port 8305/tcp. The system requires that this port remain open for basic intra-appliance communication. Other open ports allow:
  • secure remote connections to an appliance
  • certain features of the system to access the local or Internet resources they need to function correctly
In general, feature-related ports remain closed until you enable or configure the associated feature.
Caution
Do not close an open port until you understand how this action will affect your deployment.
For example, closing port 25/tcp (SMTP) outbound on a managed device blocks the device from sending email notifications for individual intrusion events (see the FireSIGHT System User Guide).
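The following script is an added example and is not part of the Cisco guide or any Cisco tool. It audits a candidate firewall policy for a managed device against the two port facts stated above: 8305/tcp must be open in both directions for the management channel, and closing 25/tcp outbound silently disables email notifications. The rule format, the first-match default-deny evaluation, the feature-to-port table and the sample policies are constructed assumptions for illustration; only the port numbers come from the guide.

```python
"""Audit a firewall policy against the FireSIGHT port requirements above.

Added example, not Cisco's code. The rule model (first match wins, implicit
deny) and the sample policies below are constructed for this illustration.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    proto: str            # "tcp" or "udp"
    port: Optional[int]   # None matches any port
    direction: str        # "in", "out", or "both"


# Ports the guide says must stay open for the appliance to be manageable.
REQUIRED_PORTS = {
    ("tcp", 8305, "both"): "intra-appliance management channel (SSL)",
}

# Feature ports: closing them does not break management but disables a feature.
# Only the 25/tcp entry is from the guide; the table shape is an assumption.
FEATURE_PORTS = {
    ("tcp", 25, "out"): "email notifications for intrusion events (SMTP)",
}


def is_open(rules: List[Rule], proto: str, port: int, direction: str) -> bool:
    """First-match evaluation with an implicit deny when nothing matches.

    A 'both' requirement is satisfied only if the port is open inbound AND
    outbound, which is how a two-way channel such as 8305/tcp must be treated.
    """
    if direction == "both":
        return (is_open(rules, proto, port, "in")
                and is_open(rules, proto, port, "out"))
    for r in rules:
        if (r.proto == proto
                and r.port in (None, port)
                and r.direction in (direction, "both")):
            return r.action == "allow"
    return False  # implicit deny


def audit_policy(rules: List[Rule]) -> Tuple[List[str], List[str]]:
    """Return (errors, warnings).

    errors   - required ports that the policy blocks (management will fail)
    warnings - feature ports that the policy blocks (a feature will stop working)
    """
    errors, warnings = [], []
    for (proto, port, direction), purpose in REQUIRED_PORTS.items():
        if not is_open(rules, proto, port, direction):
            errors.append(f"{port}/{proto} {direction}: required for {purpose}")
    for (proto, port, direction), purpose in FEATURE_PORTS.items():
        if not is_open(rules, proto, port, direction):
            warnings.append(f"{port}/{proto} {direction}: closing disables {purpose}")
    return errors, warnings


# Constructed sample policies (not from the guide).
POLICY_OK = [
    Rule("allow", "tcp", 8305, "both"),
    Rule("allow", "tcp", 25, "out"),
    Rule("deny", "tcp", None, "both"),
]

# Opens 8305 inbound only and closes everything else: management breaks
# because the channel is two-way, and SMTP notifications are lost as well.
POLICY_ONE_WAY = [
    Rule("allow", "tcp", 8305, "in"),
    Rule("deny", "tcp", None, "both"),
]


if __name__ == "__main__":
    for name, policy in (("POLICY_OK", POLICY_OK), ("POLICY_ONE_WAY", POLICY_ONE_WAY)):
        errors, warnings = audit_policy(policy)
        print(f"{name}: {len(errors)} error(s), {len(warnings)} warning(s)")
        for line in errors:
            print("  ERROR   ", line)
        for line in warnings:
            print("  WARNING ", line)
```

The point of the `both` handling is the one the guide's caution is about: a policy that looks like it "allows 8305" can still break management if only one direction is permitted, and the same audit makes the SMTP side effect of closing 25/tcp visible before the change is applied rather than after notifications stop arriving.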