Technical Support

Need help?

 

Systems Management Access Requirements: IPs, Ports and URLs

Information applies to:

Products
Panda Systems Management

The Systems Management (PCSM) dynamic load balancing technology means that no single IP address is ever assigned to the PCSM configuration. This greatly increases our platform resilience as we have no single point of failure. If you are configuring a firewall for Systems Management, access should be open, outbound to the following IP addresses:

IP addresses
EU (Ireland)

34.250.32.184
52.16.37.184
52.17.135.255
52.17.165.74
52.17.182.111
52.17.76.108
52.211.156.207
52.211.178.235
52.212.41.19
54.154.174.63
54.154.208.10
54.154.243.242
54.171.73.113
54.194.164.134
54.72.136.17

54.76.36.99
54.76.36.95
54.76.37.242
54.72.50.144
54.72.178.148

MDM only

  • 52.17.76.108
  • 54.154.243.242

IP addresses for the tunnel grid server
Agent to Agent connectivity and remote takeover (RDP, Screenshare VNC etc) is dependent on a "Tunnel server" to initiate the connection between devices. Tunnel servers are connection relays hosted by Panda Security and build connections between devices to enable remote takeover sessions to occur.
These tunnel servers are located around the globe to provide maximum coverage and the best performance depending on your location.

To make the most out of the tunnel server grid, please ensure that the IP addresses relevant to your geographic location are open on your perimetral devices and your endpoints' firewalls. Access should be open, outbound, on TCP port 443:

EU (Ireland)


54.72.228.106
54.77.25.238
54.76.210.230
54.77.1.79
54.77.29.239
54.72.134.204
52.17.144.57
54.76.36.99
54.76.36.95
54.76.37.242
54.72.50.144
54.72.178.148

EU (Frankfurt)

54.93.70.139
54.93.63.109
52.28.143.32
52.28.142.189
52.29.179.182

US East (Virginia)

54.172.136.43
54.173.173.38
52.20.64.236
52.5.82.167
54.156.209.219
34.227.128.69

US West (Oregon)

54.191.106.204
54.187.170.202
54.200.178.30
52.34.11.113
52.25.80.37
54.68.30.38

Southamerica (Sao Paulo)

54.207.102.187
54.207.105.254

APAC (Sydney)

54.79.75.129
54.79.97.42
3.105.171.124
3.106.51.250

APAC (Singapore)

54.79.75.129
54.79.97.42
3.105.171.124
3.106.51.250

Middle East (Bahrain)

157.175.9.72
15.185.79.3

IP address for future use
EU (Ireland)

108.128.200.66
52.49.60.117
52.214.223.19
63.35.143.99

US East (Virginia)

3.211.80.125
35.170.148.86
52.22.230.203
54.164.228.61

US West (Oregon)

13.52.116.82
52.9.238.130
54.177.238.11
54.67.12.67

IMPORTANT! Aside from the IP addresses listed above, additional IPs may be used to access various Amazon Web Services (AWS) infrastructure. The list gets updated as AWS makes changes. For more information, refer to AWS IP Address Ranges.

URLs
In addition to IP addresses, some firewalls, proxies or security appliances may require access to the URL of the service as well as the IP address. If you are using a proxy or security appliance, ensure that the relevant URL's to your platform are whitelisted. Please note that they are all https / 443 outbound:

Web Service

  • https://01sm-ws.pandasecurity.com
  • https://sm-agent.pandasecurity.com
  • https://sm-audit.pandasecurity.com
  • https://sm-monitoring.pandasecurity.com
  • https://agent-gateway.panda.rmm.datto.com/
Agent Updates
  • https://update.pandasecurity.com
Web portal
  • https://sm.pandasecurity.com
  • https://sm-realtime.pandasecurity.com
Control channel
  • 01sm-cc.pandasecurity.com
  • sm-cc.pandasecurity.com
Tunnel server
  • sm-ts.pandasecurity.com
Component library
  • https://sm-cpt.pandasecurity.com
  • https://sm-cpt.pandasecurity.com.s3.amazonaws.com
MDM
  • https://pcsm-sm.pandasecurity.com
Future references
  • https://sm-cc.pandasecurity.com
  • https://sm-audit.pandasecurity.com
Ports
  • Port 13300 (TCP / UDP) used for the agent discovery.
    Please note that part of streamlining Agent-to-platform communication for this release requires the deprecation of Connection Brokers. As functionality becomes increasingly reliant on the Agent Process rather than the Agent Service, Connection Brokers add a level of complexity that is no longer necessary.
  • Port 13229 (TCP/UDP), for local cache connections.
  • Port 6800 (TCP) used for Agent communication with the process used to obtain software installers for Software Management policies.
  • Port 5223, 2195, 2196, 1640 for Apple notification services.
Related information
Minimum system requirements for the Systems Management Agent


Help nº- 20231113 300126 EN
ALWAYS ONLINE TO HELP YOU TWITTER FORUM
ALWAYS ONLINE TO HELP YOU TWITTER FORUM