Solved: Systems Manager Firewall Rules

mrbrettc · ‎04-24-2018

Hi all,

I am in the process of configuring a pilot for Meraki Systems Manager. I have reviewed the firewall information provided by Meraki, but I'm a little concerned with one of the rules.

The rules seem to require that outbound traffic to 'Any' destination IP, using ports 80,443,5228-5230 is allowed. This is a little concerning as it would essentially provide unrestricted internet access on single use devices.

Does anyone know if 'Any' destination IP can be translated into a list of domain names that we can allow through the firewall? Or if there's any other way around this?

Thanks,

Brett

Philip D'Ath · ‎04-24-2018

The list of domains would be huge.

It needs to talk to things like the Apple store, and all its URLs, the Goolge Play for Work store, and all its URLs, and then every URL needed by every app that is also deployed - and then there are the ones needed by the system itself.

Perhaps you should consider teaming it up with Umbrella so you can also have cloud based management and control?

View solution in original post

Philip D'Ath · ‎04-24-2018

The list of domains would be huge.

It needs to talk to things like the Apple store, and all its URLs, the Goolge Play for Work store, and all its URLs, and then every URL needed by every app that is also deployed - and then there are the ones needed by the system itself.

Perhaps you should consider teaming it up with Umbrella so you can also have cloud based management and control?