Forum Discussion

sdo's avatar
sdo
Moderator
11 years ago
Solved

What are all of the site addresses (and ports) that an appliance reaches out to?

N5230 - v2.6.0.3 and v2.6.1.1

Hi,

Is there a definite list of the site URLs (and ports) that an appliance can and will attempt to connect to, for:

1) Callhome

2) Software downloads

3) Other purposes?

Thanks.

Backup and Recovery
Configuring
Installing
Linux
NetBackup Appliance
  • sdo's avatar
    sdo
    11 years ago

    This:

    http://www.symantec.com/business/support/index?page=content&id=TECH152748

    ...says CallHome reaches out to:

    https://www.symappmon.com

    ...and this:

    https://www-secure.symantec.com/connect/forums/5230-call-home-and-software-update-targets-and-ports

    ...says:

    "Call Home uses SSL, so 443 and connects to IP address 216.168.252.222 and 69.58.182.57
    TheNetBackup Product Improvement Program agent uses the same port and communicates with https://telemetrics.symantec.com on IPaddress 216.10.195.50"

    ...and this:

    https://www-secure.symantec.com/connect/forums/appliance-call-home-failed

    ...says:

    "They are also using https://api.appliance.symantec.com now."

    ...and this:

    http://www.symantec.com/business/support/index?page=content&id=TECH216884

    ...says:

    "Testing callhome heartbeat server: https://www.symappmon.com/ "

    "If you are using a proxy server for CallHome, make sure https://api.appliance.symantec.com is allowed by the proxy server. "

    ...and that's as much as I could find right now.

     

6 Replies

Sort By
  • sdo's avatar
    sdo
    Moderator
    11 years ago

    This:

    http://www.symantec.com/business/support/index?page=content&id=TECH152748

    ...says CallHome reaches out to:

    https://www.symappmon.com

    ...and this:

    https://www-secure.symantec.com/connect/forums/5230-call-home-and-software-update-targets-and-ports

    ...says:

    "Call Home uses SSL, so 443 and connects to IP address 216.168.252.222 and 69.58.182.57
    TheNetBackup Product Improvement Program agent uses the same port and communicates with https://telemetrics.symantec.com on IPaddress 216.10.195.50"

    ...and this:

    https://www-secure.symantec.com/connect/forums/appliance-call-home-failed

    ...says:

    "They are also using https://api.appliance.symantec.com now."

    ...and this:

    http://www.symantec.com/business/support/index?page=content&id=TECH216884

    ...says:

    "Testing callhome heartbeat server: https://www.symappmon.com/ "

    "If you are using a proxy server for CallHome, make sure https://api.appliance.symantec.com is allowed by the proxy server. "

    ...and that's as much as I could find right now.

     

  • sdo's avatar
    sdo
    Moderator
    11 years ago

    So, in summary:

    CallHome talks to:  https://www.symappmon.com:443   and   https://api.appliance.symantec.com:443

    NetBackup Product Improvement Program Agent talks to:   https://telemetrics.symantec.com:443

    ...on a weekly basis (which can be disabled), as described here:  https://www-secure.symantec.com/connect/videos/netbackup-75-product-improvement-program

     

    Does 'software / check' have a URL name that it talks to ?

  • sdo's avatar
    sdo
    Moderator
    11 years ago

    Found this data sheet re AutoSupport, CallHome and Telemetry (Product Improvement Program):

    http://securityresponse.symantec.com/content/en/us/enterprise/other_resources/b-symc_autosupport_FAQ_21286365.pdf

    ...and this white paper describing AutoSupport and CallHome:

    http://www.symantec.com/business/support/index?page=content&id=HOWTO101705

    ...which states (on page 9):

    Registration data is sent to https://api.appliance.symantec.com

    Call Home and Appliance registration data is sent to https://www.symappmon.com

    DataCollect packages are sent to https://sort.symantec.com 

  • sdo's avatar
    sdo
    Moderator
    11 years ago

    Looking at the CLIsh scripts (for an 5200 v2.5.2 (aka 7.5.0.5) appliance), downloads are discovered and downloaded from:

    http://www.symantec.com

    ...so I assume port 80 for this.

  • sdo's avatar
    sdo
    Moderator
    11 years ago

    Area

    		 Accesses Frequency Direction
    CLIsh based registration https://api.appliance.symantec.com:443 as and when updated within the appliance outbound only
    CallHome https://www.symappmon.com:443 every 30 minutes if ok
    every 15 minutes if an issue is experienced
    every 12 hours full package is sent    		 outbound only
    Product Improvement Program
    (Telemetry)    		 https://telmetrics.symantec.com:443 weekly
    (but is there a timing rule?)
    (random times?)    		 outbound only
    Data Collect https://sort.symantec.com:443 every 3 days
    or immediately upon failure    		 outbound only
    Software > Check http://www.symantec.com:80 as and when issued on appliance outbound only

    .

    (EDIT: table updated)

  • sdo's avatar
    sdo
    Moderator
    11 years ago

    (N.B: This next list is not specific to appliances.)

    Just thought I'd also share the URLs that I'm aware of (so far) that a 'admin workstation' or 'admin server' needs access to, i.e. to have firewall whitelisted, in order to be able to make the most out of Symantec Support and associated resources.

    Target Site Protocol Purpose
    http://kbdownload.symantec.com http Documentation, tech notes, patch kits
    http://www.symantec.com http Documentation, tech notes, patch kits
    https://fileconnect.symantec.com https Download application base binaries
    https://my.symantec.com https Vendor support case management
    https://sort.symantec.com https Detailed compatibility checking
    https://symaccount.symantec.com https Symantec Support logon server
    https://symantec.flexnetoperations.com https Licensing administration
    https://symantec.webex.com https Symantec Support WebEx
    https://www.symantec.com https Documentation, tech notes, patch kits
    https://www-secure.symantec.com https Symantec Connect Forum

    If anyone has any other useful addresses, please share.