Purpose

This document provides the required information needed  for the communication with the HIAB and OUTSCAN through a firewall.

Introduction

The HIAB requires several firewall rules to allow for a smooth functionality in regard to updates and enrollments. Below is a list of rules that are used, however the Enrollment and Update rules are required and necessary. DNS host names are used for services where changes may occur without prior notification.


Service

Destination

Port

Protocol

Direction

Description

Remote Support

osrss.outpost24.com

22

TCP

Outbound

Remote Assistance

Update

repo.outpost24.com

443

5000

TCP

Outbound

HIAB Updates

Enrollment

outscan.outpost24.com

443

TCP

Outbound

Registering HIAB

HIAB External/ OUTSCAN Internal

outscan.outpost24.com

443

TCP

Outbound

External Scanning from HIAB

WEB

<HIAB IP>

443

TCP

Inbound

WEB GUI

Scheduler to Scanner

<HIAB IP>

443

TCP

Outbound

Communication to scanner, depends on Polling enabled or not

SMTP

<SMTP Server>

25

TCP

Outbound

For the HIAB to send emails

DNS

<DNS Server>

53

TCP/UDP

Outbound

To resolve host names

SSH

<HIAB IP>

22

TCP

Inbound

To allow remote access to the console

Proxy

<Proxy IP>

<Proxy port>

TCP

Outbound

To allow communications using a proxy server

FTP

<FTP IP>

<FTP Port>

TCP

Outbound

To perform backup and imports

Outpost24 Network Scanning Range

Firewalls, IDSs and IPSs may interfere with the security scan if they have a reactive defense mechanism. In such case, we recommend to set up OUTSCAN (CIDR IP range 91.216.32.0/24, 80.254.228.0/22, IPv6 range 2001:67c:1084::/48) as a trusted range.


Clarification

The scanning occurs from within the below range:

  • For IPv4: 91.216.32.1 to 91.216.32.254, 80.254.228.0 to 80.254.231.255.
  • For IPv6: 2001:67c:1084::0 to 2001:067c:1084:ffff:ffff:ffff:ffff:ffff.



Copyright

© 2022 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.