VULNERABILITY DIGEST FROM ACTION1

Patch Tuesday and third-party updates| This Wednesday | 11 AM EDT / 5 PM CEST

REGISTER FOR THE WEBINAR

Getting Started

Endpoints

Patch Management

Vulnerability Management

Software Deployment & IT Assets

Automation & Remote Desktop

Real-Time Reports & Alerts

Account Access & Management

SSO Authentication

Security Concerns

Need Help?

Action1 5 Documentation 5 Firewall Configuration 5 Region: North America

Region: North America

NOTE: Accounts set up in the North America region benefit from a “Global access” capability: Remote Desktop connections initiated from various global locations (e.g., South America, the Middle East) are automatically routed through the nearest available cloud infrastructure. For accounts configured in Europe or Australia regions, Remote Desktop connections are routed through the respective regional infrastructure, regardless of the user’s current geographic location. See also: Remote Desktop.

Managed endpoint connections

Resource

Action1 servers (server.action1.com):
  • 54.210.188.13
  • 54.227.102.112
  • 3.210.54.212
  • 3.213.90.174
Managed endpoints
(LAN only)

Type

Outbound
Inbound

Port & Protocol

22543 TCP,
TLS 1.2 over TCP
22551 TCP/UDP,
6771 UDP

Required for

Connection to Action1 Cloud
P2P file sharing

Components

Action1 agents
Action1 agents

Details

- The port should be open locally on managed endpoints to allow connections between agents in the local network.
- Make sure the Windows Firewall Policy: Prohibit unicast response to multicast or broadcast requests is set to Not Configured (default setting) or No.

NOTE: If the inbound communication between agents on the local network is not allowed, the agents will not be exchanging downloaded file chunks locally and will always download the full packages from the cloud.

Connection to Action1 Remote Desktop facilities

NOTE: To leverage the Global access point capability for efficient Remote Desktop connection, your Action1 agents can be geographically located in the specified region (e.g., Africa or Europe), but your Action1 account should be registered with the North America region.

Resource

Action1 Remote Desktop relay servers in North America:
  • 34.203.184.16
  • 44.212.254.73
  • 52.200.246.160
  • 52.205.66.134
  • 100.24.103.37
  • 3.229.22.34
  • 3.88.244.142
  • 54.144.130.130
Action1 Remote Desktop Console for North America:
  • us.remote.app.action1.com
Action1 Remote Desktop relay servers in Europe:
  • 18.135.32.225
  • 18.169.144.48
  • 3.10.103.241
  • 13.41.182.195
  • 18.171.0.33
  • 35.179.20.122
Action1 Remote Desktop Console for Europe:
  • eu.remote.app.action1.com
Action1 Remote Desktop relay servers in the Middle East:
  • 43.204.118.97
  • 43.204.185.8
  • 13.202.109.124
  • 43.205.156.38
Action1 Remote Desktop Console for the Middle East:
  • me.remote.app.action1.com
Action1 Remote Desktop relay servers in East Asia:
  • 13.215.147.78
  • 54.169.182.56
  • 3.0.4.167
  • 13.213.228.50
Action1 Remote Desktop Console for East Asia:
  • ea.remote.app.action1.com
Action1 Remote Desktop relay servers in Australia:
  • 13.211.73.202
  • 54.79.23.166
  • 3.104.236.56
  • 54.79.198.20
Action1 Remote Desktop Console for Australia:
  • au.remote.app.action1.com
Action1 Remote Desktop relay servers in Africa:
  • 13.244.155.212
  • 13.244.175.69
  • 13.245.225.6
  • 13.247.34.181
Action1 Remote Desktop Console for Africa:
  • af.remote.app.action1.com
Action1 Remote Desktop relay servers in South America:
  • 15.229.170.56
  • 18.230.233.136
  • 18.231.231.56
  • 54.207.116.27
Action1 Remote Desktop Console for South America:
  • sa.remote.app.action1.com

Type

Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound
Outbound

Port & Protocol

22543 TCP,
TLS 1.2 over TCP
443 HTTPS
22543 TCP,
TLS 1.2 over TCP
443 HTTPS
22543 TCP,
TLS 1.2 over TCP
443 HTTPS
22543 TCP,
TLS 1.2 over TCP
443 HTTPS
22543 TCP,
TLS 1.2 over TCP
443 HTTPS
22543 TCP,
TLS 1.2 over TCP
443 HTTPS
22543 TCP,
TLS 1.2 over TCP
443 HTTPS

Required for

North America only: Connection to Action1 Remote Desktop relay servers.
North America only: Connection to Action1 Remote Desktop Console.
Europe only: Connection to Action1 Remote Desktop relay servers.
Europe only: Connection to Action1 Remote Desktop Console.
The Middle East only: Connection to Action1 Remote Desktop relay servers.
The Middle East only: Connection to Action1 Remote Desktop Console.
East Asia only: Connection to Action1 Remote Desktop relay servers.
East Asia only: Connection to Action1 Remote Desktop Console.
Australia only: Connection to Action1 Remote Desktop relay servers.
Australia only: Connection to Action1 Remote Desktop Console.
Africa only: Connection to Action1 Remote Desktop relay servers.
Africa only: Connection to Action1 Remote Desktop Console.
South America only: Connection to Action1 Remote Desktop relay servers.
South America only: Connection to Action1 Remote Desktop Console.

Components

Action1 agents
Action1 Console (web browser)
Action1 agents
Action1 Console (web browser)
Action1 agents
Action1 Console (web browser)
Action1 agents
Action1 Console (web browser)
Action1 agents
Action1 Console (web browser)
Action1 agents
Action1 Console (web browser)
Action1 agents
Action1 Console (web browser)

Details

These servers are located in North America to ensure a smooth Remote Desktop experience for the users located in this region.
This server is are located in North America to ensure a smooth Remote Desktop experience for the users located in this region.
These servers are located in Europe to ensure a smooth Remote Desktop experience for the users located in this region. These relay servers will be used by the agents that belong to the North America region but located in Europe (e.g., branch offices).
This server is located in Europe to ensure a smooth Remote Desktop experience for the users located in this region. This server will be used for North American customers connecting from Europe (e.g., during travel).
These servers are located in the Middle East to ensure a smooth Remote Desktop experience for the users located in this region.
This server is located in the Middle East to ensure a smooth Remote Desktop experience for the users located in this region.
These servers are located in East Asia to ensure a smooth Remote Desktop experience for the users located in this region.
This server is located in East Asia to ensure a smooth Remote Desktop experience for the users located in this region.
These servers are located in Australia to ensure a smooth Remote Desktop experience for the users located in this region.
This server is located in Australia to ensure a smooth Remote Desktop experience for the users located in this region.
These servers are located in Africa to ensure a smooth Remote Desktop experience for the users located in this region.
This server is are located in Africa to ensure a smooth Remote Desktop experience for the users located in this region.
These servers are located in South America to ensure a smooth Remote Desktop experience for the users located in this region.
This server is located in South America to ensure a smooth Remote Desktop experience for the users located in this region.

For Windows Update management

Resource

*.windowsupdate.com
*.mp.microsoft.com
emdl.ws.microsoft.com
  • tsfe.trafficshaping.dsp.mp.microsoft.com
  • download.windowsupdate.com
  • dl.delivery.mp.microsoft.com
  • download.windowsupdate.com
  • windowsupdate.microsoft.com
  • *.windowsupdate.microsoft.com
  • *.update.microsoft.com
  • update.microsoft.com
  • download.microsoft.com
  • ntservicepack.microsoft.com
  • login.live.com

Type

Outbound
Outbound
Outbound
Outbound

Port & Protocol

TCP, proprietary by Microsoft
HTTPS/TLS 1.2
HTTP
HTTPS/TLS 1.2

Components

Action1 agents
Action1 agents
Action1 agents
Action1 agents

For application deployment and 3rd party patch management

Resource

a1-backend-packages.s3.amazonaws.com
  • us-cdn.action1.com
  • us-cdn-action1-com.b-cdn.net

Type

Outbound
Outbound

Port & Protocol

443 HTTPS
443 HTTPS (no SSL inspection)

Components

Action1 agents
Action1 agents

Details

Make sure you turn off the SSL inspection. Otherwise, software package downloads may fail with some firewalls (such as Zscaler).

(optional) Connection between Deployer and Action1 Cloud

Resource

Action1 servers (server.action1.com):
  • 54.210.188.13
  • 54.227.102.112
  • 3.210.54.212
  • 3.213.90.174

Type

Outbound

Port & Protocol

135 RPC TCP
139 SMB TCP
445 SMB TCP
389 LDAP TCP
Randomly allocated high TCP ports (between 49152 - 65535) TCP

Components

Action1 Deployer

Details

Optional component

NOTE: * (asterisk sign) in DNS names means including all child subdomains, with multi-level nesting. For example,  *.example.com would include example.com, child.example.com, grand.child.example.com, and all other possible subdomains.