Rackspace PDR NIDS networking requirements
Although there are implementation differences across platforms, the network requirements are generally consistant. Differences are indicated in italics with where and why the network access control list (ACL) might differ.
Ingress requirements to the Threat Manager™ appliances
Cloud platforms only
| Source | Destination | Protocol | Port | Description |
|---|---|---|---|---|
| Agent(s) CIDR | Appliance | TCP | 443 | Agent updates |
| Agent(s) CIDR | Appliance | TCP | 7777 | Agent data transport (between agent and appliance on local network) |
| 208.71.209.32/27 | Appliance | TCP | 22 | Optional and temporary Required for troubleshooting during provisioning only |
| 204.110.218.96/27 | Appliance | TCP | 22 | Optional and temporary Required for troubleshooting during provisioning only |
| 204.110.219.96/27 | Appliance | TCP | 22 | Optional and temporary Required for troubleshooting during provisioning only |
| 185.54.124.0/24 | Appliance | TCP | 22 | Optional EU Alert Logic® Datacenter as directed by your PDR team and temporary Required for troubleshooting during provisioning only |
Egress requirements from the Threat Manager appliances
Standard US Alert Logic datacenter
| Source | Destination | Protocol | Port | Description |
|---|---|---|---|---|
| Appliance | Agent (CIDRs) | ALL | ALL | Active Scanning |
| Appliance | 8.8.4.4 | TCP/UDP | 53 | DNS |
| Appliance | 8.8.8.8 | TCP/UDP | 53 | DNS |
| Appliance | 0.0.0.0/0 | TCP | 80 | Appliance updates |
| Appliance | 204.110.218.96/27 | TCP | 443 | Updates |
| Appliance | 204.110.219.96/27 | TCP | 443 | Updates |
| Appliance | 208.71.209.32/27 | TCP | 443 | Updates |
| Appliance | 208.71.209.32/27 | TCP | 4138 | Event transport |
| Appliance | 204.110.218.96/27 | TCP | 4138 | Event transport |
| Appliance | 204.110.219.96/27 | TCP | 4138 | Event transport |
| Appliance | 204.110.219.96/27 | UDP | 123 | NTP, time sync |
| Appliance | 208.71.209.32/27 | UDP | 123 | NTP, time sync |
Egress requirements from the Threat Manager appliances standard EU Alert Logic datacenter
Only implemented when instructed by your PDR team
| Source | Destination | Protocol | Port | Description |
|---|---|---|---|---|
| Appliance | Agent (CIDRs) | ALL | ALL | Active Scanning |
| Appliance | 185.54.124.0/24 | TCP | 443 | Updates |
| Appliance | 185.54.124.0/24 | TCP | 4138 | Event transport |
| Appliance | 8.8.8.8 | TCP/UDP | 53 | DNS |
| Appliance | 8.8.4.4 | TCP/UDP | 53 | DNS |
| Appliance | 0.0.0.0/0 | TCP | 80 | Appliance updates |
| Appliance | 185.54.124.0/24 | UDP | 123 | NTP, time sync |
Updated 12 months ago