Cisco Cisco Content Security Management Appliance M1070 Mode D'Emploi
C-1
AsyncOS 8.3 for Cisco Content Security Management User Guide
A P P E N D I X
C
Firewall Information
The following table lists the possible ports that may need to be opened for proper operation of the Cisco
Content Security appliance (these are the default values).
Content Security appliance (these are the default values).
Table C-1
Firewall Ports
Default
Port Protocol
Port Protocol
In/Out Hostname
Purpose
20/21
TCP
In or out AsyncOS IPs, FTP
server
FTP for aggregation of log files.
Data ports TCP 1024 and higher must also all be
open.
For more information, search for FTP port
information in the Knowledge Base. See
information in the Knowledge Base. See
.
22
SSH
Out
AsyncOS IPs
Centralized configuration manager configuration
push.
push.
Also used for backups.
22
TCP
In
AsyncOS IPs
SSH access to the CLI, aggregation of log files.
22
TCP
Out
SCP server
SCP push to log server.
23
Telnet
In
AsyncOS IPs
Telnet access to the CLI.
23
Telnet
Out
Telnet server
Telnet upgrades.
25
TCP
Out
Any
SMTP to send email.
25
TCP
In
AsyncOS IPs
SMTP to receive bounced email or if injecting
email from outside firewall.
email from outside firewall.
80
HTTP
In
AsyncOS IPs
HTTP access to the GUI for system monitoring.
80
HTTP
Out
downloads.cisco.co
m
m
Service updates, except for AsyncOS upgrades.
80
HTTP
Out
updates.cisco.com
AsyncOS upgrades.
82
HTTP
In
AsyncOS IPs
Used for viewing the
spam quarantine.
83
HTTPS
In
AsyncOS IPs
Used for viewing the
spam quarantine.
53
UDP/T
CP
CP
Out
DNS servers
DNS if configured to use Internet root servers or
other DNS servers outside the firewall. Also for
SenderBase queries.
other DNS servers outside the firewall. Also for
SenderBase queries.