Overview
cOS Core uses various protocols and ports when it needs to communicate with an external system (such as for license verification), and also when allowing incoming connections, for example for firewall management. This appendix lists some of the more common ports used by a multitude of functions related to the firewall.
For consideration
Many ports are configurable. The table shown below lists the default ports.
Not every port used by cOS Core is listed below, as this depends on how cOS Core is configured. The list should be considered a basic one that covers commonly used functions and features in or towards the firewall.
Table Field Description
Initiator
An initiator of a network connection is the entity that starts or requests the establishment of a network communication session (connection). Can also be referred to as the source.
Terminator
The terminator means the target of the network communication session (connection). Can also be referred to as the destination.
Protocol & port(s)
A description of which IP protocol and port the initiator uses towards the terminator.
Function
A description of the intended use and purpose of the port(s).
Initiator | Terminator | Protocol & Port(s) | Function |
---|---|---|---|
cOS Core | update3.clavister.com | ICMP | Used for health & latency checks for CSPN server selection. |
cOS Core | update3.clavister.com | TCP 80, TCP 443 | Used for CSPN communication for functions such as license validation/download, Anti-Virus and IDP database updates. Note that in the cases where port 80 is used, the content is encrypted. |
cOS Core | update3.clavister.com | TCP 9998 | Used for Web Content Filtering (WCF) queries towards CSPN |
cOS Core | ntp.clavister.com | UDP 123 | Clock synchronization towards Clavister's Network Time Protocol (NTP) server |
cOS Core | di-2018.cspn.clavister.com | TCP 443 | Used for Device Intelligence (DI) queries towards CSPN |
cOS Core | update3-priv2018.clavister.com | TCP 443, TCP 9999 | Used for IP reputation queries towards CSPN |
cOS Core | FQDN:(user configured) | TCP 998 | For communication with an InControl server when the connection is initiated by cOS Core (device Initiated mode) |
cOS Core | InControl Log Receiver | UDP 999 | The port used by cOS Core to generate and send logs to the InControl Log Receiver |
cOS Core | UIA/IDA | TCP 9999 | Used by User Identity Awareness (UIA), also known as Identity Awareness Agent (IDA), to send user information to cOS Core |
Client | cOS Core | TCP 80, TCP 443 | Managing cOS Core over HTTP or HTTPS (HTTP is disabled by default) |
Client | cOS Core | TCP 22 | Access to cOS Core CLI over SSH |
ICS | cOS Core | TCP 999 | Used by InControl Server (ICS) to communicate with cOS Core for functions such as remote console, upload/download of configuration, status polling, monitoring and more. |
Figure E.1. Port Table
Note: FQDN entries may be subject to change
As an example, cOS Core currently uses "update3.clavister.com" to get the CSPN server list, but any FQDN entry may be subject to change in future firmware updates.
Description of some of the entries in the above table
Client
When the initiator is a client. This can mean a PC, server, user, program or other entity that initiates the connection and sends the first packet.
cOS Core
When the initiator or terminator is the firewall itself.
CSPN
Clavister Service Provisioning Network (CSPN). A list of servers placed around the world for license check, database updates and more.
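An added example (not Clavister code) of using the default outbound rows of the port table as an egress allowlist: it parses the rows, including multi-port cells and the portless ICMP entry, and flags firewall-originated flows that match none of them. The flow record layout, with the destination already resolved to an FQDN, and the sample records are assumptions; if ports are reconfigured or an FQDN changes, the table text in the script has to be updated to match.

```python
import re

# Rows with initiator "cOS Core" and a fixed FQDN terminator, copied from the
# port table above. Rows with user-configured or local terminators are left out.
TABLE = """\
update3.clavister.com | ICMP
update3.clavister.com | TCP 80, TCP 443
update3.clavister.com | TCP 9998
ntp.clavister.com | UDP 123
di-2018.cspn.clavister.com | TCP 443
update3-priv2018.clavister.com | TCP 443, TCP 9999
"""

def parse_rules(table):
    """Return a set of (fqdn, proto, port) tuples; port is None for ICMP."""
    rules = set()
    for line in table.strip().splitlines():
        fqdn, spec = (cell.strip() for cell in line.split("|"))
        # A cell may hold several "PROTO PORT" pairs or a bare protocol name.
        for proto, port in re.findall(r"(TCP|UDP|ICMP)(?:\s+(\d+))?", spec):
            rules.add((fqdn.lower(), proto, int(port) if port else None))
    return rules

def audit(flows, rules):
    """Split firewall-originated flows into (allowed, unexpected) lists."""
    allowed, unexpected = [], []
    for flow in flows:
        # Normalize case and a trailing root dot before comparing.
        key = (flow["dst"].lower().rstrip("."), flow["proto"].upper(), flow.get("port"))
        (allowed if key in rules else unexpected).append(flow)
    return allowed, unexpected

# Constructed sample records (assumed layout), not real log data.
SAMPLE_FLOWS = [
    {"dst": "update3.clavister.com", "proto": "tcp", "port": 443},
    {"dst": "NTP.clavister.com.", "proto": "udp", "port": 123},
    {"dst": "update3.clavister.com", "proto": "icmp"},
    {"dst": "ntp.clavister.com", "proto": "tcp", "port": 443},    # wrong port for NTP
    {"dst": "updates.example.net", "proto": "tcp", "port": 443},  # not in the table
]

if __name__ == "__main__":
    ok, odd = audit(SAMPLE_FLOWS, parse_rules(TABLE))
    for flow in odd:
        print("unexpected:", flow["dst"], flow["proto"], flow.get("port"))
```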