03-29-2015 06:33 AM
N5230 - v2.6.0.3 and v2.6.1.1
Hi,
Is there a definite list of the site URLs (and ports) that an appliance can and will attempt to connect to, for:
1) Callhome
2) Software downloads
3) Other purposes?
Thanks.
Solved! Go to Solution.
03-29-2015 03:27 PM
This:
http://www.symantec.com/business/support/index?page=content&id=TECH152748
...says CallHome reaches out to:
...and this:
https://www-secure.symantec.com/connect/forums/5230-call-home-and-software-update-targets-and-ports
...says:
"Call Home uses SSL, so 443 and connects to IP address 216.168.252.222 and 69.58.182.57
TheNetBackup Product Improvement Program agent uses the same port and communicates with https://telemetrics.symantec.com on IPaddress 216.10.195.50"
...and this:
https://www-secure.symantec.com/connect/forums/appliance-call-home-failed
...says:
"They are also using https://api.appliance.symantec.com now."
...and this:
http://www.symantec.com/business/support/index?page=content&id=TECH216884
...says:
"Testing callhome heartbeat server: https://www.symappmon.com/ "
"If you are using a proxy server for CallHome, make sure https://api.appliance.symantec.com is allowed by the proxy server. "
...and that's as much as I could find right now.
03-29-2015 03:27 PM
This:
http://www.symantec.com/business/support/index?page=content&id=TECH152748
...says CallHome reaches out to:
...and this:
https://www-secure.symantec.com/connect/forums/5230-call-home-and-software-update-targets-and-ports
...says:
"Call Home uses SSL, so 443 and connects to IP address 216.168.252.222 and 69.58.182.57
TheNetBackup Product Improvement Program agent uses the same port and communicates with https://telemetrics.symantec.com on IPaddress 216.10.195.50"
...and this:
https://www-secure.symantec.com/connect/forums/appliance-call-home-failed
...says:
"They are also using https://api.appliance.symantec.com now."
...and this:
http://www.symantec.com/business/support/index?page=content&id=TECH216884
...says:
"Testing callhome heartbeat server: https://www.symappmon.com/ "
"If you are using a proxy server for CallHome, make sure https://api.appliance.symantec.com is allowed by the proxy server. "
...and that's as much as I could find right now.
03-29-2015 03:33 PM
So, in summary:
CallHome talks to: https://www.symappmon.com:443 and https://api.appliance.symantec.com:443
NetBackup Product Improvement Program Agent talks to: https://telemetrics.symantec.com:443
...on a weekly basis (which can be disabled), as described here: https://www-secure.symantec.com/connect/videos/netbackup-75-product-improvement-program
Does 'software / check' have a URL name that it talks to ?
03-29-2015 04:25 PM
Found this data sheet re AutoSupport, CallHome and Telemetry (Product Improvement Program):
http://securityresponse.symantec.com/content/en/us/enterprise/other_resources/b-symc_autosupport_FAQ_21286365.pdf
...and this white paper describing AutoSupport and CallHome:
http://www.symantec.com/business/support/index?page=content&id=HOWTO101705
...which states (on page 9):
Registration data is sent to https://api.appliance.symantec.com
Call Home and Appliance registration data is sent to https://www.symappmon.com
DataCollect packages are sent to https://sort.symantec.com
03-30-2015 01:01 AM
Looking at the CLIsh scripts (for an 5200 v2.5.2 (aka 7.5.0.5) appliance), downloads are discovered and downloaded from:
http://www.symantec.com
...so I assume port 80 for this.
03-30-2015 01:02 AM
Area |
Accesses | Frequency | Direction |
CLIsh based registration | https://api.appliance.symantec.com:443 | as and when updated within the appliance | outbound only |
CallHome | https://www.symappmon.com:443 | every 30 minutes if ok every 15 minutes if an issue is experienced every 12 hours full package is sent |
outbound only |
Product Improvement Program (Telemetry) |
https://telmetrics.symantec.com:443 | weekly (but is there a timing rule?) (random times?) |
outbound only |
Data Collect | https://sort.symantec.com:443 | every 3 days or immediately upon failure |
outbound only |
Software > Check | http://www.symantec.com:80 | as and when issued on appliance | outbound only |
.
(EDIT: table updated)
04-05-2015 03:06 AM
(N.B: This next list is not specific to appliances.)
Just thought I'd also share the URLs that I'm aware of (so far) that a 'admin workstation' or 'admin server' needs access to, i.e. to have firewall whitelisted, in order to be able to make the most out of Symantec Support and associated resources.
Target Site | Protocol | Purpose |
http://kbdownload.symantec.com | http | Documentation, tech notes, patch kits |
http://www.symantec.com | http | Documentation, tech notes, patch kits |
https://fileconnect.symantec.com | https | Download application base binaries |
https://my.symantec.com | https | Vendor support case management |
https://sort.symantec.com | https | Detailed compatibility checking |
https://symaccount.symantec.com | https | Symantec Support logon server |
https://symantec.flexnetoperations.com | https | Licensing administration |
https://symantec.webex.com | https | Symantec Support WebEx |
https://www.symantec.com | https | Documentation, tech notes, patch kits |
https://www-secure.symantec.com | https | Symantec Connect Forum |
If anyone has any other useful addresses, please share.