Page tree

The following ports will need to be opened for each server registered with Armor Anywhere.

Inbound / OutboundService / PurposePortDestination
OutboundArmor Agent443/tcp
  • 146.88.106.210  
    • (api.armor.com)
OutboundMalware Protection, FIM, IDS

4119/tcp

  • 35.163.135.130
  • 34.214.246.111
  • 52.13.172.208
    • (3a.epsec.armor.com)
OutboundDSM4120/tcp
  • 35.163.135.130
  • 34.214.246.111
  • 52.13.172.208
    • (3a.epsec.armor.com)
OutboundRelay4122/tcp
  • 35.163.135.130
  • 34.214.246.111
  • 52.13.172.208
    • (3a.epsec.armor.com)
OutboundLog Management (Filebeat / Winlogbeat)515/tcp
  • 146.88.106.196  
    • (1a.log.armor.com)
  • 146.88.144.196  
    • (2a.log.armor.com)
OutboundMonitoring8443/tcp
  • 146.88.106.200  
    • (1a.mon.armor.com)
  • 146.88.114.200  
    • (2a.mon.armor.com)
OutboundRemote Access443/tcp
  • 146.88.106.216 
    • (1a.rs.armor.com)
  • 146.88.114.216
    • (alternate)
Outbound

Vulnerability Scanning



*443/tcp
  • 34.226.68.35
  • 54.144.111.231
  • 52.203.25.223
  • 34.236.161.191
    • endpoint.ingress.rapid7.com
    • (United States)

  • 52.60.40.157
  • 52.60.107.153
    • ca.endpoint.ingress.rapid7.com
    • (Canada)

  • 3.120.196.152
  • 3.120.221.108
    • eu.endpoint.ingress.rapid7.com
    • (Europe)

  • 52.64.24.140
  • 13.55.81.47
  • 13.236.168.124
    • au.endpoint.ingress.rapid7.com
    • (Australia)
  • 103.4.8.209
  • 18.182.167.99
    • ap.endpoint.ingress.rapid7.com
    • (Japan/Asia/Asia Pacific)
InboundLog Relay (Logstash)
  • 5140/udp
  • 5141/tcp
The IP address for your virtual machine
OutboundLog Relay (Armor's logging service (ELK))
  • 5443/tcp
  • 5400-5600/tcp (Reserved)
    • Armor reserves the right to utilize this port range for future expansion or service changes.

1c.log.armor.com

  • These endpoints are served by the Amazon Elastic Load Balancers. As a result, the actual endpoints will vary dynamically across Amazon's IP ranges.


* The agent will perform a lookup to the applicable DNS entry, which may resolve to one of multiple Amazon Web Services based subnets. As a result, if your firewall does not support outbound filtering by domain name, then you may need to open all outbound traffic to 443/tcp to accommodate this service.

Additionally, verify that your proxy server can externally communicate.