Systems Manager Firewall Rules

SOLVED
mrbrettc
Conversationalist


Hi all,

 

I am in the process of configuring a pilot for Meraki Systems Manager. I have reviewed the firewall information provided by Meraki, but I'm a little concerned with one of the rules.

 

The rules seem to require that outbound traffic to 'Any' destination IP, using ports 80, 443 and 5228-5230, is allowed. This is a little concerning as it would essentially provide unrestricted internet access on single-use devices.

 

Does anyone know if 'Any' destination IP can be translated into a list of domain names that we can allow through the firewall? Or if there's any other way around this?

 

Thanks,

Brett

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal

The list of domains would be huge.

 

It needs to talk to things like the Apple store, and all its URLs, the Google Play for Work store, and all its URLs, and then every URL needed by every app that is also deployed - and then there are the ones needed by the system itself.

 

Perhaps you should consider teaming it up with Umbrella so you can also have cloud-based management and control?
