shanil Posted March 13, 2023 Posted March 13, 2023 Hi, We have a customer site with only whitelisted URLs allowed on the firewall. Can someone please share with me the URLs that need to whitelist in order for endpoints to communicate/send & receive updates with the cloud security center? Kaspersky Hybrid Cloud - ksc.kaspersky.com Endpoint Kaspersky Endpoint Security 11.11
Thomas Becker Posted March 24, 2023 Posted March 24, 2023 Hello, sorry for the late reply. Maybe this link will help you: https://support.kaspersky.com/KSC/CloudConsole/en-US/175982.htm The address https://aes.s.kaspersky-labs.com/endpoints/ is included in managed device firewall exceptions.
Hassan Izhar Posted May 3, 2023 Posted May 3, 2023 The URLs that need to be whitelisted for endpoints to communicate with the cloud security center can vary depending on the specific cloud security solution and the configuration of your network. However, here are some URLs that may need to be whitelisted: *.microsoft.com *.microsoftonline.com *.windowsupdate.com *.cloudappsecurity.com *.blob.core.windows.net *.securitycenter.windows.com *.msftcloudes.com *.azsec.azure.com *.msecnd.net *.nrbf[0-9].com It's important to note that these are general URLs that may need to be whitelisted and that the specific URLs required for your cloud security solution may be different. You should consult the documentation or support resources for your cloud security solution to obtain the necessary URLs that need to be whitelisted. Additionally, it's recommended to regularly review and update the whitelisted URLs to ensure that your endpoints can communicate with the cloud security center without any issues while also maintaining a high level of security.
Renan Corassa Posted Tuesday at 07:32 PM Posted Tuesday at 07:32 PM https://support.kaspersky.com/common/start/6105
KarDip Posted yesterday at 02:15 AM Posted yesterday at 02:15 AM Hello @shanil For Kaspersky Hybrid Cloud and Kaspersky Endpoint Security 11.11, you need to whitelist specific URLs to ensure that endpoints can communicate with the cloud security center and receive updates. Below is a list of URLs that you should allow: Cloud Security Center Communication ksc.kaspersky.com (Main Cloud Security Center) Update Servers Ensure that the following update servers are allowed for downloading antivirus databases and application updates: dnl-01.geo.kaspersky.com dnl-02.geo.kaspersky.com dnl-03.geo.kaspersky.com dnl-04.geo.kaspersky.com Cloud Protection and Licensing For cloud protection services and licensing, include: license.kaspersky.com s20.upd.kaspersky.com stat.kaspersky.com ksn.kaspersky.com (Kaspersky Security Network, if enabled) Additional Resources If you use features such as Kaspersky Web Control, Application Control, or Content Filtering: crl.kaspersky.com (for certificate revocation checks) data.kaspersky.com (for cloud-based protection requests) Ports to Open Kaspersky services typically require the following ports: TCP 443: For HTTPS communication with cloud services. TCP 80: For fallback HTTP communication (not always required). UDP 53: For DNS resolution. Make sure that the firewall rules apply to both IPv4 and IPv6 if dual-stack networking is in use. Additionally, check the Kaspersky Online Help for the most up-to-date information as URLs and requirements may change over time. Thank you
3
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now