Page tree

Contents

Important Note

Before you deploy BloxOne services and on-prem hosts, ensure that you prepare your environment according to the requirements for the supported platforms and open all necessary ports for unrestricted outbound access.

Incoming and Outgoing Port Usage

The following table lists the port usage for the BloxOne on-prem hosts:

IP ProtocolPort
Incoming or Outgoing PortServices Using This PortDomainIPs and URLs Description
TCP443Outgoing
  • Anycast
  • Data Connector
  • DHCP
  • DNS
  • DNS Forwarding Proxy
  • NIOS Grid Connector
csp.infoblox.com

IPs in one JSON formatted list

URLs in one JSON formatted list

Cloud Services Portal Access (unrestricted outbound access to TCP 443)

DNS also uses the UDP protocol


TCP443Outgoing
  • Anycast
  • Data Connector
  • DHCP
  • DNS
  • DNS Forwarding Proxy
  • NIOS Grid Connector

cp.noa.infoblox.com

grpc.csp.infobox.com

On-Prem Host – Platform Management
TCP443Outgoing
  • Anycast
  • Data Connector
  • DHCP
  • DNS
  • DNS Forwarding Proxy
  • NIOS Grid Connector
app.noa.infoblox.comOn-Prem Host – Application Management
TCP443Outgoing
  • DNS
dns.bloxone.infoblox.com
BloxOne authoritative DNS cloud service access
TCP443Outgoing
  • BloxOne Threat Defense Cloud
  • DNS
threatdefense.bloxone.infoblox.com

52.119.40.100

103.80.5.100

BloxOne Threat Defense Cloud DNS server
UDP123Outgoing
  • NTP Server 
ntp.ubuntu.com
NTP Server 
UDP123Outgoing
  • NTP Pool

pool.ntp.org



NTP Pool (Only if time sync with EXSi is disabled)

TCP22Incoming
  • Data Connector
  • NIOS
Data Connector


If you deploy the Data Connector as a container, ensure that there are no SSH processes listening on port 22. You must terminate these SSH processes for the Data Connector to collect data from NIOS.


Required only for Data Connector. SCP data transfer from NIOS when deployed as a container. 

When Data Connector is deployed as a container, it uses 22/tcp for logs transfer from NIOS.

This is for incoming data transfer.

TCP53Outgoing
  • Anycast
  • Data Connector
  • DHCP
  • DNS
  • DNS Forwarding Proxy
  • NIOS Grid Connector
csp.infoblox.com

For the Cloud Services Portal connectivity to work as desired, TCP 53 is used as the outbound port to the complete list of 116 cloud addresses.


UDP53Outgoing
  • Anycast
  • Data Connector
  • DHCP
  • DNS
  • DNS Forwarding Proxy
  • NIOS Grid Connector
csp.infoblox.com
For the Cloud Services Portal connectivity to work as desired, UDP 53 is used as the outbound port to the complete list of 116 cloud addresses.
TCP514

Incoming/ Outgoing
  • Data Connector
Data ConnectorIf you deploy the Data Connector as a container, ensure that these ports are not used by other processes.

Required only for Data Connector. Secure syslog for RPZ hits data.

Required only for Data Connector. Secure syslog for RPZ hits data. Note: Port 6514 is a secure port.

TCP6514Incoming/ Outgoing
  • NIOS (SCP data transfer)
Data Connector

Required only for Data Connector. SCP data transfer from NIOS.


TCP8125 Outgoing
  • Data Connector
Data ConnectorIf you deploy the Data Connector as a container, ensure that these ports are not used by other processes.Required only for Data Connector. Metrics support for OVA deployment.
TCP8126Outgoing
  • Data Connector
Data ConnectorIf you deploy the Data Connector as a container, ensure that these ports are not used by other processes.Required only for Data Connector.
TCP9997Outgoing
  • Data Connector
Data ConnectorIf you deploy the Data Connector as a container, ensure that these ports are not used by other processes.Required only for Data Connector. Data transfer to NIOS Reporting server.
TCP50514Outgoing
  • Data Connector
Data ConnectorIf you deploy the Data Connector as a container, ensure that this ports are not used by other processes.Required only for Data Connector.


For additional information on BloxOne connectivity service requirements, see the following:


  • No labels

This page has no comments.