Internet Access Requirements

By default, the system is configured to connect to the internet on ports 443/tcp (HTTPS) and 80/tcp (HTTP). Or, you can configure a proxy server (except for NTP and whois). For some features, your location can determine which resources you access.

Additionally, your browser may contact Amplitude (amplitude.com) web analytics servers to provide non-personally-identifiable usage data to Cisco.

The following table lists features that require device access to specific internet resources.

Resources Accessed by Devices

Feature

Reason

High Availability/Clustering

Resource

Malware defense

Submit files for dynamic analysis.

All units submit files.

fmc.api.threatgrid.com

fmc.api.threatgrid.eu

CA certificate bundles

Queries for new CA certificates at a daily system-defined time. The local CA bundle contains certificates to access several Cisco services.

Requires Version 7.2.4.

Each unit downloads its own certificates.

cisco.com/security/pki

Cisco Support Diagnostics

Accepts authorized requests and transmits usage information and statistics.

All units communicate.

api-sse.cisco.com:8989

Time synchronization

Synchronize time in your deployment.

Not supported with a proxy server.

All units communicate with the NTP server.

User configured