TCP ports used by Cisco IPS

Answered Question
Jul 8th, 2010
User Badges:

I have have searched high and low via Google and within cisco.com for the answer to this, but can not seem to find it documented anywhere.  I am attempting to identify all ports that are required to manage the a Cisco IPS so that I can open up the firewalls.  It is my understanding that the ports below are required, but I am not sure if I am missing anything, please see below:



TCP 22:     Source => Sensor Admin

TCP 443:   Source => Sensor Admin

UDP 123:  Sensor Admin => NTP Server




Am I missing anything?  Thank you!



Jonathan

Boulder, Co

Correct Answer by Christopher Dreier about 6 years 9 months ago

Additionally, if you plan to use SNMP, you will need to allow UDP/161 and UDP/162 between the sensor and your management station.


Thank you,
Blayne Dreier
Cisco TAC IDS Team


**Please check out our Podcast**
TAC Security Show: http://www.cisco.com/go/tacsecuritypodcast

Correct Answer by Scott Fringer about 6 years 9 months ago

Jonathon;


  If you will be making use of automatic updates for signatures and global correlation updates you will also need to allow the IPS management IP address access on TCP 80 (signature and GC updates) and UDP 53 (GC updates).


Scott

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Scott Fringer Thu, 07/08/2010 - 09:56
User Badges:
  • Cisco Employee,

Jonathon;


  If you will be making use of automatic updates for signatures and global correlation updates you will also need to allow the IPS management IP address access on TCP 80 (signature and GC updates) and UDP 53 (GC updates).


Scott

Correct Answer
Christopher Dreier Thu, 07/08/2010 - 12:21
User Badges:
  • Silver, 250 points or more

Additionally, if you plan to use SNMP, you will need to allow UDP/161 and UDP/162 between the sensor and your management station.


Thank you,
Blayne Dreier
Cisco TAC IDS Team


**Please check out our Podcast**
TAC Security Show: http://www.cisco.com/go/tacsecuritypodcast

Jonathan Grant Thu, 07/08/2010 - 12:45
User Badges:

Thank you gentlemen, that answers my question.  Have a GREAT day!




Jonathan

Boulder, Co

Actions

This Discussion

Related Content