Access Requirements to/from the Internet

tcp/22 in (ssh admin)from our jumphosts or VPN
tcp/80 Out(HTTP) download installation and update packages ->
tcp/25 out(mail) from the box out so can receive email notifications
udp/123 outfrom the box out for time sync
udp/53 out(DNS)
tcp/22 outfor Iris CONFIG BACKUP to
udp/514 out

Iris Alerts for external monitoring
tcp + udp/655 in+outFor remote monitoring
Access Requirements on the LAN/WAN

tcp/80 or 443Access web portal on the LAN
udp/162 in(SNMP traps) - this will give us Steering-pool traps
tcp/21 and 20 in(FTP for HDR, CDR ) - for ACME to talk to Iris server
udp/161 out(servers and network devices to be monitored)
ICMP(servers and network devices to be monitored)
tcp/3377 in(distributed polling)
udp/9996 in(Netflow)
udp/514 in(syslogs including Fortigates)
udp/5354 in(active monitoring)

Jumphost Hosts: and