Security Configuration (Endpoint Management Tools - Windows)
This article applies to: Endpoint Management Tools
This page is intended for IT support professionals. End users should contact local IT support.
These setting are for ACLs or firewalls you have in place.
The following IP addresses need both inbound and outbound access to all UDP and TCP ports:
10.16.113.22 | (sf-infranode013.cit.cornell.edu) |
10.16.113.23 | (sf-infranode014.cit.cornell.edu) |
10.16.113.24 | (sf-infranode015.cit.cornell.edu) |
10.84.37.68 | (sf-infranode016.cit.cornell.edu) |
10.84.37.69 | (sf-infranode017.cit.cornell.edu) |
10.84.37.71 | (sf-infranode019.cit.cornell.edu) |
10.84.37.73 | (sf-infranode027.cit.cornell.edu) |
128.253.173.224/27 | (domain controller subnet) |
Windows Firewall
If you have a Windows firewall, copy the GPO SF-MD_CM12_ClientPorts to the OU where the computers will be installing the clients, then apply it. This will configure the Windows firewall to allow inbound communications from the CM2012 infrastructure to the clients.
Managed Firewall Service
The Global objects CU_GRP_Managed_Desktop and CU_NET_Active_Directory, taken together, can be used to specify this list of IP addresses / subnets.
Comments?