User Guide
D-2
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Appendix D Firewall Information
82 HTTP In AsyncOS IPs Used for viewing the Cisco Anti-Spam
quarantine.
83 HTTPS In AsyncOS IPs Used for viewing the Cisco Anti-Spam
quarantine.
110 TCP Out POP Server POP authentication for end users for
Cisco Spam Quarantine
123 UDP In & Out NTP Server NTP if time servers are outside
firewall.
143 TCP Out IMAP Server IMAP authentication for end users for
Cisco Spam Quarantine
161 UDP In AsyncOS IPs SNMP Queries
162 UDP Out Management Station SNMP Traps
389
3268
LDAP Out LDAP Servers LDAP if LDAP directory servers are
outside firewall. LDAP authentication
for Cisco Spam Quarantine
636
3269
LDAPS Out LDAPS LDAPS — ActiveDirectory’s Global
Catalog Server (uses SSL)
443 TCP In AsyncOS IPs Secure HTTP (
https) access to the
GUI for system monitoring.
443 TCP Out res.cisco.com Cisco Registered Envelope Service
443 TCP Out update-manifests.ironport
.com
Verify the latest files for the update
server.
443 TCP Out phonehome.senderbase.or
g
Receive/Send Outbreak Filters
443 TCP Out In the command-line
interface, run the
websecurityadvancedco
nfig
command and accept
all defaults. The Web
security service hostname
is shown.
Cloud service for obtaining URL
reputation and category information for
URL filtering.
443 TCP Out As configured in Security
Services > File
Reputation and Analysis,
Advanced section, Cloud
Server Pool parameter.
If configured, the port for access to
cloud services for obtaining file
reputation.
The default port is 32137.
For file analysis services, see port 443.
443 TCP Out As configured in Security
Services > File
Reputation and Analysis,
Advanced section.
Access to cloud services for file
analysis.
For file reputation services, see port
443 or 32137.
514 UDP/TCP Out Syslog Server Syslog logging
628 TCP In AsyncOS IPs QMQP if injecting email from outside
firewall.
Table D-1 Firewall Ports (continued)