/
Which Firewall Ports Should Be Opened for SphereShield for Teams/Zoom?

Which Firewall Ports Should Be Opened for SphereShield for Teams/Zoom?

Owned by Agat Support
Last updated: May 19, 2024 by Support Admin

The following ports should be opened:

ComponentSource IPDestination IPDestination PortprotocolReasonremarks

Bastion - Reverse Proxy Server

AnyBastion Server443HTTPSReverse Proxy listening portSphereshield for SFB
Bastion -Forward Proxy ServerTeams ClientsBastion Server80*httpForward Proxy listening portSphereshield for Teams Proxy
Bastion - Proxy ServerBastion'sSQL server1433TCPTo allow the Bastion's filters to pull configurations which will determine the behavior of the filtersSphereshield for Teams Proxy
Access PortalAccess Portal'sSQL server1433TCPTo allow the Access Portal website access to the SQL DB where it is used to modify settings and preferences

Sphereshield for Teams Proxy

Sphereshield for Teams API

CASB AdapterCASB Adapter'sSQL server1433TCPTo allow the CASB Adapter to get users and groups..Sphereshield for Teams API
Bastion, CASB Adapter, and Admin PortalBastion, CASB Adapter, and Admin Portal

Office 365 IPs

*.agatcloud.com 

443
Communication Between Proxy and Teams servers

Skype for Business Online Sphereshield for Teams API


Admins and BastionAdmin Portal443
Management Console and API
Webhook ListenerWebhook Listener serverSQL server1433TCPInsert messages in DBWebhooks approach
Webhook ListenerMicrosoft IP'sWebhook Listener server443
Get Webhook notifications from MicrosoftWebhooks approach
Clients PC'sClient's*.agatcloud.com 443HTTPSTo get static scripts for clientsSphereshield for Teams Proxy

Microsoft GraphPlease refer to: Which URL's Should Be Opened for SphereShield when using Microsoft Graph for MS TeamsWebhooks approach

*Or the port that you use for proxy listening 


Firewall requirements for implementing eDiscovery using API 

Note:
eDiscovery via API doesn't require real-time responsiveness.  Hence the product does not need webhooks or the listener site.   Rather, it uses a polling method whereby our adapter process calls Microsoft's Graph API.  This involves HTTPS traffic from the internal network to Microsoft's network.





Related content

SphereShield for MS Teams Network System Requirements
SphereShield for MS Teams Network System Requirements
SphereShield CASB Knowledge Base
More like this
What are the Bastion Proxy System Requirements?
What are the Bastion Proxy System Requirements?
SphereShield CASB Knowledge Base
Read with this
Which Ports are Required to be Open In Order to Work with SphereShield for Exchange?
Which Ports are Required to be Open In Order to Work with SphereShield for Exchange?
SphereShield for Exchange Knowledge Base
More like this
How to configure the SphereShield Azure App for Sign in and groups?
How to configure the SphereShield Azure App for Sign in and groups?
SphereShield CASB Knowledge Base
Read with this
Topologies available for SphereShield for MS Teams
Topologies available for SphereShield for MS Teams
SphereShield CASB Knowledge Base
More like this
What Should be Configured in SphereShield for MS Teams Certificate?
What Should be Configured in SphereShield for MS Teams Certificate?
SphereShield CASB Knowledge Base
Read with this