Cloud SWG (formerly known as WSS)
Some ports must be opened on your firewalls to allow connectivity to the various cloud service components and data centers.
The ports vary depending upon the configured cloud access methods.
For converting proxy.threatpulse.net to your relevant geographical IP address(es), refer to Data Center IP Addresses.
All firewall rules must allow outbound connections to the following ports:
Reference: Required Locations, Ports, and Protocols
Firewall/VPN (IPSEC):
Proxy Forwarding:
Remote Users: (Mobility client)
Transproxy:
Explicit Proxy:
MDM Integration: (for example, Airwatch)
Authentication: (BCCA.exe)
Authentication: (ACLogon.exe; log-in script for sending logged-in credentials directly to BCCA.)
SAML:
Roaming Captive Portal:
Internal ports: (between BCCA server and Domain Controllers)