VULNERABILITY DIGEST FROM ACTION1

Patch Tuesday and third-party updates| This Wednesday | 11 AM EDT / 5 PM CEST

REGISTER FOR THE WEBINAR

Getting Started

Endpoints

Patch Management

Vulnerability Management

Software Deployment & IT Assets

Automation & Remote Desktop

Real-Time Reports & Alerts

Account Access & Management

SSO Authentication

Security Concerns

Need Help?

Action1 5 Documentation 5 Firewall Configuration 5 Region: Europe

Region: Europe

Managed endpoint connections

Resource

Action1 servers (server.eu.action1.com):
  • 18.159.245.29
  • 18.195.232.183
  • 3.69.247.61
  • 52.29.164.59
Managed endpoints
(LAN only)

Type

Outbound
Inbound

Port & Protocol

22543 TCP,
TLS 1.2 over TCP
22551 TCP/UDP,
6771 UDP

Required for

Connection to Action1 Cloud
P2P file sharing

Components

Action1 agents
Action1 agents

Details

- The port should be open locally on managed endpoints to allow connections between agents in the local network.
- Make sure the Windows Firewall Policy: Prohibit unicast response to multicast or broadcast requests is set to Not Configured (default setting) or No.

NOTE: If the inbound communication between agents on the local network is not allowed, the agents will not be exchanging downloaded file chunks locally and will always download the full packages from the cloud.

Connection to Action1 Remote Desktop facilities

Resource

Action1 Remote Desktop relay servers in Europe:
  • 18.185.175.163
  • 3.71.193.26
  • 3.74.109.234
Action1 Remote Desktop Console for Europe:
  • remote.eu.action1.com

Type

Outbound
Outbound

Port & Protocol

22543 TCP,
TLS 1.2 over TCP
443 HTTPS

Required for

Europe only: Connection to Action1 Remote Desktop relay servers.
Europe only: Connection to Action1 Remote Desktop Console.

Components

Action1 agents
Action1 Console (web browser)

Details

These servers are located in Europe to ensure a smooth Remote Desktop experience for the users located in this region.
This server is located in Europe to ensure a smooth Remote Desktop experience for the users located in this region.

For Windows Update management

Resource

*.windowsupdate.com
*.mp.microsoft.com
emdl.ws.microsoft.com
  • tsfe.trafficshaping.dsp.mp.microsoft.com
  • download.windowsupdate.com
  • dl.delivery.mp.microsoft.com
  • download.windowsupdate.com
  • windowsupdate.microsoft.com
  • *.windowsupdate.microsoft.com
  • *.update.microsoft.com
  • update.microsoft.com
  • download.microsoft.com
  • ntservicepack.microsoft.com
  • login.live.com

Type

Outbound
Outbound
Outbound
Outbound

Port & Protocol

TCP, proprietary by Microsoft
HTTPS/TLS 1.2
HTTP
HTTPS/TLS 1.2

Components

Action1 agents
Action1 agents
Action1 agents
Action1 agents

For application deployment and 3rd party patch management

Resource

a1-backend-packages-434810787744-eu-central-1.s3.amazonaws.com
  • eu-cdn.action1.com
  • eu-cdn-action1-com.b-cdn.net

Type

Outbound
Outbound

Port & Protocol

443 HTTPS
443 HTTPS (no SSL inspection)

Components

Action1 agents
Action1 agents

Details

Make sure you turn off the SSL inspection. Otherwise, software package downloads may fail with some firewalls (such as Zscaler).

NOTE: * (asterisk sign) in DNS names means including all child subdomains, with multi-level nesting. For example,  *.example.com would include example.com, child.example.com, grand.child.example.com, and all other possible subdomains.