Before you deploy BloxOne services and on-prem hosts, ensure that you prepare your environment according to the requirements for the supported platforms and open all necessary ports for unrestricted outbound access.
The following table lists the port usage for the BloxOne on-prem hosts:

| IP Protocol | Port | Domain | IPs and URLs | Description |
|---|---|---|---|---|
| TCP | 443 | csp.infoblox.com | | Cloud Services Portal Access (unrestricted outbound access to TCP 443) |
| | | | | On-Prem Host – Platform Management |
| TCP | 443 | app.noa.infoblox.com | | On-Prem Host – Application Management |
| | | | | BloxOne Threat Defense Cloud DNS server |
| TCP | 443 | DNS server | | DNS over TLS for DNS Forwarding Proxy |
| UDP | 123 | ntp.ubuntu.com | | NTP Server (for OVA only, in case NTP was not provisioned and time sync is disabled) |
| UDP | 123 | ubuntu.pool.ntp.org | | NTP Server (only if time sync with ESXi is disabled) |
| TCP | 22 | Data Connector | Ensure that there are no SSH processes listening on port 22. You must terminate these SSH processes for the Data Connector to collect data from NIOS. | Required only for Data Connector. SCP data transfer from NIOS when deployed as a container. When Data Connector is deployed as a container, it uses 22/tcp for log transfer from NIOS. |
| | | Data Connector | | Required only for Data Connector. Secure syslog for RPZ hits data. |
| TCP | 8125 | Data Connector | | Required only for Data Connector. Metrics support for OVA deployment. |
| TCP | 9997 | Data Connector | | Required only for Data Connector. Data transfer to NIOS Reporting server. |

Infoblox recommends that on-prem hosts and services have unrestricted outbound access to the Internet on port 443. This reduces the number of firewall changes needed when we change or expand services. For more deployment information, see Best Practices for On-Prem Hosts.
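
A pre-deployment check for two requirements from the table, as an added example that is not Infoblox code: outbound TCP 443 to the listed domains, and no existing listener on port 22 on a host that will run Data Connector as a container. The function names, the parsing of `ss -ltnp` output and the sample output are assumptions constructed for illustration.

```python
import socket
import subprocess

# Outbound TCP endpoints from the port table (only rows that name a domain).
OUTBOUND_TCP = [("csp.infoblox.com", 443), ("app.noa.infoblox.com", 443)]

# Constructed sample of `ss -ltnp` output, not captured from a real host.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*     users:(("sshd",pid=812,fd=3))
LISTEN 0      4096       127.0.0.1:2222      0.0.0.0:*     users:(("proxy",pid=901,fd=7))
LISTEN 0      128             [::]:22           [::]:*     users:(("sshd",pid=812,fd=4))
"""

def can_connect(host, port, timeout=5.0):
    """True if a TCP handshake to host:port completes (DNS failure counts as False)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def listeners_on_port(ss_output, port=22):
    """Return (local_address, process) for each LISTEN socket bound to `port`."""
    hits = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header line or non-listening socket
        # rpartition copes with IPv6 ([::]:22) and avoids matching 2222
        if fields[3].rpartition(":")[2] == str(port):
            hits.append((fields[3], fields[5] if len(fields) > 5 else "unknown"))
    return hits

def preflight(ss_output, connect=can_connect):
    """Return a list of findings; an empty list means both checks passed."""
    findings = [f"port 22 already bound on {addr} by {proc}"
                for addr, proc in listeners_on_port(ss_output, 22)]
    findings += [f"no outbound TCP path to {host}:{port}"
                 for host, port in OUTBOUND_TCP if not connect(host, port)]
    return findings

if __name__ == "__main__":
    # Live run on the host itself; needs the `ss` utility (iproute2).
    live = subprocess.run(["ss", "-ltnp"], capture_output=True, text=True).stdout
    for finding in preflight(live) or ["all checks passed"]:
        print(finding)
```

The port 22 finding matters only on hosts that will run Data Connector as a container; on other hosts it can be ignored.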
For additional information on BloxOne connectivity service requirements, see the following: