1.3. Network Requirements
The ASGARD components use the ports in the following chapters. For a detailed and up to date list of our update and licensing servers, please visit https://www.nextron-systems.com/hosts/.
1.3.1. Management Workstation
Description |
Port |
Source |
Destination |
---|---|---|---|
CLI administration |
22/tcp |
Workstation |
Security Center Frontend |
CLI administration |
22/tcp |
Workstation |
Security Center Backend |
Web administration |
8443/tcp |
Workstation |
Security Center Backend |
1.3.2. Customer Access
Description |
Port |
Source |
Destination |
---|---|---|---|
Customer Web Interface |
443/tcp |
Workstation |
Security Center Frontend |
1.3.3. Analysis Cockpit
Description |
Port |
Source |
Destination |
---|---|---|---|
Event and Asset synchronization |
6443/tcp |
ASGARD Analysis Cockpit |
Security Center Backend |
1.3.4. Security Center Frontend
Description |
Port |
Source |
Destination |
---|---|---|---|
Event and Asset queries |
7443/tcp |
Security Center Frontend |
Security Center Backend |
1.3.5. Internet
The Security Center is configured to retrieve updates from the following URLs:
Description |
Port |
Source |
Destination |
---|---|---|---|
Product Updates |
443/tcp |
Security Center Frontend & Backend |
update3.nextron-systems.com |
Product Updates |
443/tcp |
Security Center Frontend & Backend |
update-301.nextron-systems.com |
NTP |
123/udp |
Security Center Frontend & Backend |
0.debian.pool.ntp.org [1] |
NTP |
123/udp |
Security Center Frontend & Backend |
1.debian.pool.ntp.org [1] |
NTP |
123/udp |
Security Center Frontend & Backend |
2.debian.pool.ntp.org [1] |
All proxy systems should be configured to allow access to these URLs without TLS/SSL interception (ASGARD uses client-side SSL certificates for authentication). It is possible to configure a proxy server, username and password during the setup process of the Security Center. Only BASIC authentication is supported (no NTLM authentication support).
Hint
The Security Center installer requires Internet access during the setup. The installation process will fail if required packages cannot be loaded from our update servers (see table above).
1.3.6. DNS
All the components need to have a resolvable FQDN.
The Security Center needs to be able to resolve internal and external IP addresses. Connection to the Analysis Cockpit MUST be done with a resolvable FQDN. IP addresses will not work.