shanil Posted March 13, 2023 Posted March 13, 2023 Hi, We have a customer site with only whitelisted URLs allowed on the firewall. Can someone please share with me the URLs that need to whitelist in order for endpoints to communicate/send & receive updates with the cloud security center? Kaspersky Hybrid Cloud - ksc.kaspersky.com Endpoint Kaspersky Endpoint Security 11.11
Thomas Becker Posted March 24, 2023 Posted March 24, 2023 Hello, sorry for the late reply. Maybe this link will help you: https://support.kaspersky.com/KSC/CloudConsole/en-US/175982.htm The address https://aes.s.kaspersky-labs.com/endpoints/ is included in managed device firewall exceptions.
Hassan Izhar Posted May 3, 2023 Posted May 3, 2023 The URLs that need to be whitelisted for endpoints to communicate with the cloud security center can vary depending on the specific cloud security solution and the configuration of your network. However, here are some URLs that may need to be whitelisted: *.microsoft.com *.microsoftonline.com *.windowsupdate.com *.cloudappsecurity.com *.blob.core.windows.net *.securitycenter.windows.com *.msftcloudes.com *.azsec.azure.com *.msecnd.net *.nrbf[0-9].com It's important to note that these are general URLs that may need to be whitelisted and that the specific URLs required for your cloud security solution may be different. You should consult the documentation or support resources for your cloud security solution to obtain the necessary URLs that need to be whitelisted. Additionally, it's recommended to regularly review and update the whitelisted URLs to ensure that your endpoints can communicate with the cloud security center without any issues while also maintaining a high level of security.
KarDip Posted November 20 Posted November 20 Hello @shanil For Kaspersky Hybrid Cloud and Kaspersky Endpoint Security 11.11, you need to whitelist specific URLs to ensure that endpoints can communicate with the cloud security center and receive updates. Below is a list of URLs that you should allow: Cloud Security Center Communication ksc.kaspersky.com (Main Cloud Security Center) Update Servers Ensure that the following update servers are allowed for downloading antivirus databases and application updates: dnl-01.geo.kaspersky.com dnl-02.geo.kaspersky.com dnl-03.geo.kaspersky.com dnl-04.geo.kaspersky.com Cloud Protection and Licensing For cloud protection services and licensing, include: license.kaspersky.com s20.upd.kaspersky.com stat.kaspersky.com ksn.kaspersky.com (Kaspersky Security Network, if enabled) Additional Resources If you use features such as Kaspersky Web Control, Application Control, or Content Filtering: crl.kaspersky.com (for certificate revocation checks) data.kaspersky.com (for cloud-based protection requests) Ports to Open Kaspersky services typically require the following ports: TCP 443: For HTTPS communication with cloud services. TCP 80: For fallback HTTP communication (not always required). UDP 53: For DNS resolution. Make sure that the firewall rules apply to both IPv4 and IPv6 if dual-stack networking is in use. Additionally, check the Kaspersky Online Help for the most up-to-date information as URLs and requirements may change over time. Thank you 1
Renan Corassa Posted December 12 Posted December 12 (edited) On 19/11/2024 at 23:15, KarDip disse: Hello @shanil For Kaspersky Hybrid Cloud and Kaspersky Endpoint Security 11.11, you need to whitelist specific URLs to ensure that endpoints can communicate with the cloud security center and receive updates. Below is a list of URLs that you should allow: Cloud Security Center Communication ksc.kaspersky.com (Main Cloud Security Center) Update Servers Ensure that the following update servers are allowed for downloading antivirus databases and application updates: dnl-01.geo.kaspersky.com dnl-02.geo.kaspersky.com dnl-03.geo.kaspersky.com dnl-04.geo.kaspersky.com Cloud Protection and Licensing For cloud protection services and licensing, include: license.kaspersky.com s20.upd.kaspersky.com stat.kaspersky.com ksn.kaspersky.com (Kaspersky Security Network, if enabled) Additional Resources If you use features such as Kaspersky Web Control, Application Control, or Content Filtering: crl.kaspersky.com (for certificate revocation checks) data.kaspersky.com (for cloud-based protection requests) Ports to Open Kaspersky services typically require the following ports: TCP 443: For HTTPS communication with cloud services. TCP 80: For fallback HTTP communication (not always required). UDP 53: For DNS resolution. Make sure that the firewall rules apply to both IPv4 and IPv6 if dual-stack networking is in use. Additionally, check the Kaspersky Online Help for the most up-to-date information as URLs and requirements may change over time. Thank you Dear, Which Cloud does Kaspersky currently use to host KSCCC? Azure and Huawei? Is there any documentation with the IP addresses of these Clouds? I encountered a communication failure with the Agents from the Kaspersky Cloud and I only resolved it by adding some IPs that the Firewall was blocking to an exclusion list. https://support.kaspersky.com/KSC/CloudConsole/pt-BR/138094.htm Edited December 12 by Renan Corassa
KarDip Posted December 13 Posted December 13 (edited) @@Renan Corassa. Kaspersky Security Center Cloud Console (KSCCC) is hosted on cloud environments managed by Kaspersky, including Azure and other supported platforms. While the specifics of hosting in Huawei Cloud were not explicitly found, Kaspersky commonly partners with multiple cloud providers to ensure global coverage. For deployment and communication, KSCCC requires specific IP addresses and ports to be allowed through your firewall to enable proper agent communication and updates. The official documentation does not list IP addresses directly but emphasizes that all necessary ports and domains used by the Kaspersky infrastructure must be whitelisted in the firewall. The exact configurations and guidelines can be reviewed in the Kaspersky Security Center documentation below Urls. https://support.kaspersky.com/KSC/CloudConsole/en-US/153504.htm https://support.kaspersky.com/KSC/13/en-US/179139.htm For a detailed setup, it is recommended to consult the Port and Network Requirements section of the documentation or contact Kaspersky technical support for an updated list of required IPs for your region. https://support.kaspersky.com/KSC/13/en-US/179139.htm https://support.kaspersky.com/KSC/CloudConsole/en-US/153504.htm https://support.kaspersky.com/KSC/15.1/en-US/196993.htm If you're still encountering issues, it may be beneficial to check the exclusion list in your firewall and ensure the necessary IP ranges or domains are included. ____________________________________________________________________________________________ Edited December 13 by KarDip added extra info
3
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now