Skip to main content

Security Configuration (Endpoint Management Tools - Windows)

This article applies to: Endpoint Management Tools


This page is intended for IT support professionals. End users should contact local IT support.

These setting are for ACLs or firewalls you have in place.

The following IP addresses need both inbound and outbound access to all UDP and TCP ports:

10.16.113.22 (sf-infranode013.cit.cornell.edu)
10.16.113.23 (sf-infranode014.cit.cornell.edu)
10.16.113.24 (sf-infranode015.cit.cornell.edu)
10.84.37.68 (sf-infranode016.cit.cornell.edu)
10.84.37.69 (sf-infranode017.cit.cornell.edu)
10.84.37.71 (sf-infranode019.cit.cornell.edu)
10.84.37.73 (sf-infranode027.cit.cornell.edu)
128.253.173.224/27 (domain controller subnet)

Windows Firewall

If you have a Windows firewall, copy the GPO SF-MD_CM12_ClientPorts to the OU where the computers will be installing the clients, then apply it. This will configure the Windows firewall to allow inbound communications from the CM2012 infrastructure to the clients.

Managed Firewall Service

The Global objects CU_GRP_Managed_Desktop and CU_NET_Active_Directory, taken together, can be used to specify this list of IP addresses / subnets.

About this Article

Last updated: 

Thursday, July 19, 2018 - 2:03pm

Audience: 

IT Professionals

Operating System: 

Windows

Was this page helpful?

Your feedback helps improve the site.

Comments?