Internet Access Requirements
By default, the system is configured to connect to the internet on ports 443/tcp (HTTPS) and 80/tcp (HTTP). Or, you can configure a proxy server (except for NTP and whois). For some features, your location can determine which resources you access.
Additionally, your browser may contact Amplitude (amplitude.com) web analytics servers to provide non-personally-identifiable usage data to Cisco.
The following table lists features that require device access to specific internet resources.
Feature |
Reason |
High Availability/Clustering |
Resource |
---|---|---|---|
Malware defense |
Submit files for dynamic analysis. |
All units submit files. |
fmc.api.threatgrid.com fmc.api.threatgrid.eu |
CA certificate bundles |
Queries for new CA certificates at a daily system-defined time. The local CA bundle contains certificates to access several Cisco services. Requires Version 7.2.4. |
Each unit downloads its own certificates. |
cisco.com/security/pki |
Cisco Support Diagnostics |
Accepts authorized requests and transmits usage information and statistics. |
All units communicate. |
api-sse.cisco.com:8989 |
Time synchronization |
Synchronize time in your deployment. Not supported with a proxy server. |
All units communicate with the NTP server. |
User configured |