Deployment Guide
Table Of Contents
- Dell Security Management Server Installation and Migration Guide v11.1.1
- Contents
- Introduction
- Requirements and Architecture
- Pre-Installation Configuration
- Install or Upgrade/Migrate
- Post-Installation Configuration
- Administrative Tasks
- Ports
- SQL Server Best Practices
- Certificates
- login-euc1.cylance.com
- protect-euc1.cylance.com
- data-euc1.cylance.com
- update-euc1.cylance.com
- api-euc1.cylance.com
- protect-api-euc1.cylance.com
- download-euc1.cylance.com
■ Middle East and Asia
- login-au.cylance.com
- protect-au.cylance.com
- data-au.cylance.com
- update-au.cylance.com
- api-au.cylance.com
- protect-api-au.cylance.com
- download-au.cylance.com
■ Japan, Australia, and New Zealand
- login-apne1.cylance.com
- protect-apne1.cylance.com
- data-apne1.cylance.com
- update-apne1.cylance.com
- api-apne1.cylance.com
- protect-api-apne1.cylance.com
- download-apne1.cylance.com
○ Port
■ 443
○ Outbound Device
■ All managed endpoints
○ Outbound Service
■ CylanceSVC
○ Originating Port
■ 443
Public Communication to Front-End Server (if needed)
This sees information traveling from the Internet to the Front-End server. Firewall or routing configuration must have ports set
as inbound from a public or Internet connection to one or more Front-End servers or a load balancer.
● Dell Core Server Proxy: HTTPS/8888
● Dell Device Server: HTTPS/8081
● Dell Policy Proxy: TCP/8000
● Dell Security Server: HTTPS/8443
DMZ or Front-End Communication to Back-End Server (if needed)
The below services and ports communicate from any Security Management Server that is configured in Front-End mode to the
Security Management Server configured in Back-End mode. Firewall or routing configuration must have ports set as inbound
from one or more Front-End servers or load balancers to the Back-End server.
● Front-End Dell Policy Proxy and Dell Beacon Server to Back-End Dell Message Broker: STOMP/61613
● Front-End Dell Security Server Proxy to Back-End Dell Security Server: HTTPS/8443
● Front-End Dell Core Server Proxy to Back-End Dell Core Server: HTTPS/8888
● Front-End Dell Device Server to Back-End Dell Security Server: HTTPS/8443
Back-End Server to Internal Network
The below services and ports are used for communication to the respective services internally by clients on the domain or
connected through VPN. Dell Technologies recommends that several of these services should not be forwarded outside of the
network, or the service is filtered in the Front-End Server’s configuration by default. Firewall or routing configuration must have
these ports set as inbound from the internal network to the Back-End Security Management Server.
● Management Console hosted on the Dell Security Server: HTTPS/8443
● Reports delivered through the Dell Compliance Reporter: HTTP(S)/8084
14
Pre-Installation Configuration