Appendix 1b: Endpoint Manager Services - IP Nos, Host Names and Port Details - US Customers
Note: This page contains information for customers located in the USA. Click here to see 
-  
    Endpoint Manager communicates with ITarian servers and your devices to issue commands, run virus scans, deploy updates and more. 
-  
    You need to configure your firewall accordingly to allowthese connections .
- All client to server communications are encrypted over https connections using the strongest TLS protocols, RSA 2048 bit keysand SHA 256 algorithms.
-  
    The tables on this page show firewall requirements for the following ITarian services: 
| Communication Client (CC) | |||||
|---|---|---|---|---|---|
| Service | Purpose | Hostname | IP | Port | Criticality and notes | 
| CC | Communication between device and EM server | subdomain.itsm-us1.comodo.com | Dynamic (Amazon load balancing) | 443 | Mandatory | 
| Enrollment | To get client certificates | mdmsupport.comodo.com (up to CCC 6.29) mdmsupport.cmdm. comodo.com (CCC 6.30+) mdmsupport.itsm-us1.comodo.com (CCC 6.30+) | Dynamic (Amazon load balancing) | 443 | Mandatory | 
| Monitoring and alerts | Access to Monitoring and alerts server | plugins.itsm-us1.comodo.com | Dynamic (Amazon load balancing) | 443 | Mandatory | 
| File rating management | Access to Local Verdict Server | subdomain.itsm-us1.comodo.com | Dynamic (Amazon load balancing) | 443 | Optional This is for reporting data from CCS | 
| Windows push service (XMPP) | Device communication (push messages) | xmpp.itsm-us1.comodo.com | 18.197.167.137 34.227.128.175 174.129.244.210 | 443 | Mandatory | 
| LDAP synchronization | Synchronization with LDAP via device | User's LDAP server host | User's LDAP server IP | 389 636 (LDAPS) | Optional For LDAP sync via device only. Related to Device to LDAP server connections only | 
| SSO | Single Sign On | one-us.comodo.com | Dynamic (Amazon load balancing) | 443 | Mandatory | 
| Client Security installation | Download 			and install/upgrade Client Security agent. comodo.com are redirected to  comodo.com 			which is managed by  | download.comodo.com | 178.255.82.5 | 443, 80 | Optional For CCS installation/upgrade only | 
| cdn.download.comodo.com | Cloudflare’s IP range: | ||||
| OCSP | Client certificate revocation checking | http://ocsp.comodoca.com/ | Dynamic load balancing | 80 | Optional For mobile devices only. Windows CC do not perform CRL checking yet | 
| CRL | Client certificate revocation checking | http://crl.comodoca.com/ | Dynamic load balancing | 80 | Optional For mobile devices only. Windows CC does not perform CRL checks. | 
| 3rd Party Patch Management | 3rd party applications updates | comodo.com |  Dynamic | 443 | Optional  | 
| Telemetry | Sending telemetry data for analysis | cescollector.cwatchapi.com | Dynamic (Amazon load balancing) | 443 | Optional | 
| Local distribution of packages | Distribute different types of updates via local network | Local hostname | Local IP | 6881, 6882 | Optional. Used for updates distribution locally by torrent principle. Ports are bound by EM Service. 6882 is used if 6881 is in use already. | 
| RMM logs collector | Collecting execution logs for procedures and inventory scans | rmm-api.itsm-us1.comodo.com | Dynamic (Amazon load balancing) | 443 | Mandatory | 
| EDR agent | Enrollment, events sending | api.dragonplatform.net | 35.222.52.117 | 443 | Mandatory | 
Comodo Client - Security (CCS)
| Client - Security (CCS) | ||||||
|---|---|---|---|---|---|---|
| Service | Purpose | Hostname | IP | Port | Protocol | Criticality and notes | 
| FLS | FLS lookup | fls.security. comodo.com | 45.77.153.162 | 4447 (optional), 53 | UDP | Mandatory -  choose *either* UDP or 			TCP for FLS | 
| FLS lookup | fls.security. comodo.com | 45.77.153.162 | 4448 (optional), 80 | TCP | Mandatory - choose *either* UDP or 			TCP for FLS | |
| Valkyrie | Valkyrie lookup | valkyrie. comodo.com | Dynamic (Amazon load balancing) | 443 | HTTPS | Optional  | 
| Submit to Valkyrie | valkyrie. comodo.com | Dynamic (Amazon load balancing) | 443 | HTTPS | Mandatory | |
| cdn.download. comodo.com | Update / upgrade mirror | cdn.download. comodo.com | Dynamic (BelugaCDN network) | 443 | HTTPS | Mandatory | 
| download. comodo.com | Update/ upgrade. comodo.com are redirected to  comodo.com 			which is managed by  | download. comodo.com | 178.255.82.5 | 80 | HTTP | Mandatory | 
| download. comodo.com | 178.255.82.5 | 443 | HTTPS | Mandatory | ||
| LVS | Download the EM verdicts database | s3.us-east-1. amazonaws.com | Dynamic (Amazon load balancing) | 443 | HTTPS | Mandatory | 
| LVS lookup | subdomain. itsm-us1.comodo.com | Dynamic (Amazon load balancing) | 443 | HTTPS | ||
| OCSP | Client certificate revocation checking | http://ocsp. comodoca.com/ | Dynamic load balancing | 80 | - | Optional | 
| CRL | Client certificate revocation checking | http://crl. comodoca.com/ | Dynamic load balancing | 80 | - | Optional | 
|  | Sending telemetry data for analysis | tel.security.comodo.com | 159.203.65.195 | 261 | HTTPS | |
|  | Sending telemetry data for analysis | api.mssp. comodo.com | Dynamic (Amazon load balancing) | 443 | HTTPS | |
| Sending telemetry data for analysis | cis.td.security. comodo.com | Dynamic (Amazon load balancing) | 443 | HTTPS | ||
Endpoint Manager Server (on premise installation)
| Endpoint Manager Server ( | ||||
|---|---|---|---|---|
| Service | Purpose | Hostname | IP | Port | 
|  | Connection to the configured SMTP server for e-mail sending | SMTP server hostname | SMTP server IP | 25 | 
| LDAP synchronization | Direct synchronization with LDAP | User's LDAP server host | User's LDAP server IP | 389 636 (LDAPS) | 
| Connection to Comodo Accounts Manager | License verification | https://accounts.comodo.com | 178.255.85.140 | 443 | 
| Google Cloud Messaging | To push messages | https://android.googleapis.com/gcm/send | Dynamic | 443 | 
| Local Verdict Server | File rating management | Endpoint Manager server hostname | Endpoint Manager server IP | 443 | 
| Remote Control | ||||||
|---|---|---|---|---|---|---|
| Service | Purpose | Hostname | IP | Port | Protocol | Criticality and notes | 
| XMPP | Remote Control Session (with new version of Comodo RC* | xmpp.itsm-us1. comodo.com | 18.197.167.137 34.227.128.175 174.129.244.210 | 443 | HTTPS | Mandatory for both RC host and target device | 
| STUN server | To receive possible network configuration, 			external  | stun.l. google.com | Dynamic | 19302 | UDP | Mandatory for both RC host and target device for peer-to-peer and relay connections. | 
| Direct connection | Establish  RC and target device | - | IP of the | 
 49152 - 65535 =1025-5000 | UDP | Mandatory for both RC host and target device for direct connections. | 
| Peer-to-peer connection | Establish | - | 18.196.107.208
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             52.29.123.206
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             34.232.133.48
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             18.208.23.45
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             | 3478 | UDP | Mandatory for both RC host and target device for peer-to-peer connections. | 
| Relay connection | Establish | - | 18.196.107.208
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             52.29.123.206
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             34.232.133.48
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             18.208.23.45
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             | 3478, 49152 - 65535 | UDP | Mandatory for both RC host and target device for relay connections. | 
| RTDC Hosts | File Transfer, Remote Tools | rtdc-relay-0.itsm-us1.comodo.com rtdc-relay-1.itsm-us1.comodo.com rtdc-relay-2.itsm-us1.comodo.com | 443 | HTTPS | Mandatory for both RC host and target device for Remote Tools and File Transfer features | |
Remote Control – Direct connection by traffic direction*
| Outgoing Traffic | ||||
|---|---|---|---|---|
| Source | Destination | Protocol | ||
| IP | Port | IP | Port | |
| Local IP 1 | local port range specified in profile Win7+/MacOS default port range: 49152 - 65535 WinXP/2003 default port range: 1025-5000 | Local IP 2 | local port range specified in profile Win7+/MacOS default port range: 49152 - 65535 WinXP/2003 default port range: 1025-5000 | UDP | 
| Incoming Traffic | ||||
|---|---|---|---|---|
| Source | Destination | Protocol | ||
| IP | Port | IP | Port | |
| Local IP 2 | local port range  specified in 			profile | Local IP 1 | local port range  specified in profile Win7+/MacOS default port range: 49152 - 65535 WinXP/2003 default port range: 1025-5000 | UDP | 
* - applicable to both sides - RC and target.
Remote Control - Peer to Peer Connection by traffic direction*
| Outgoing Traffic | ||||
|---|---|---|---|---|
| Source | Destination | Protocol | ||
| IP | Port | IP | Port | |
| Local IP | local port range specified in profile Win7+/MacOS default port range:  49152 - 65535 WinXP/2003 default port range: 1025-5000 | 
 18.196.107.208
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         52.29.123.206
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         34.232.133.48
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         18.208.23.45
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         
 | 3478 | UDP | 
| Local IP | local port range specified in profile Win7+/MacOS default port range: 49152 — 65535 WinXP/2003 default port range: 1025-5000 | stun.l.google.com | 19302 | |
| Incoming Traffic | ||||
|---|---|---|---|---|
| Source | Destination | Protocol | ||
| IP | Port | IP | Port | |
| 18.196.107.208
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         52.29.123.206
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         34.232.133.48
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         18.208.23.45
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         
 | 3478 | Local IP | local port range specified in profile Win7+/MacOS default port range: 49152 - 65535 WinXP/2003 default port range: 1025-5000 | UDP | 
| stun.l.google.com | 19302 | Local IP | local port range specified in profile Win7+/MacOS default port range:  49152 - 65535 WinXP/2003 default port range: 1025-5000 | |
* - applicable to both sides - RC and target.
Remote Control - Relay Connection by traffic direction*
| Outgoing Traffic | ||||
|---|---|---|---|---|
| Source | Destination | Protocol | ||
| IP | Port | IP | Port | |
| local port range specified in profile Win7+/MacOS default port range: 49152 - 65535 WinXP/2003 default port range: 1025-5000 | 18.196.107.208
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             52.29.123.206
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             34.232.133.48
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             18.208.23.45
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             | 
 49152 - 65535 | UDP | |
| Local IP | local port range specified in profile Win7+/MacOS default port range: 49152 - 65535 WinXP/2003 default port range:  1025 - 5000 | 19302 | UDP | |
| Incoming Traffic | ||||
|---|---|---|---|---|
| Source | Destination | Protocol | ||
| IP | Port | IP | Port | |
| 18.196.107.208
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             52.29.123.206
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             34.232.133.48
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             18.208.23.45
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             | 3478, 49152 - 65535 | Local IP | 
 Win7+/MacOS default port range: 49152 - 65535 WinXP/2003 default port range: 1025-5000 | UDP | 
| 19302 | Local IP | local port range specified in profile Win7+/MacOS default port range: 49152 - 65535 WinXP/2003 default port range: 1025-5000 | UDP | |
* - applicable to both sides - RC and target.
| Diagnostics Tools | |||||
|---|---|---|---|---|---|
| Service | Purpose | Hostname | IP | Port | Criticality and notes | 
| CCS Report Tool | Collect event logs to help more effectively troubleshoot issues | c1report.comodo.com | 178.255.85.136 | 22 | Optional. For manual logs uploads | 
This table contains the same information as the other four tables on this page but with services grouped by port number.
| Settings Grouped by Port | |||||
| Port | Service | IP | URL / Hostname | Protocol | Component | 
|---|---|---|---|---|---|
| 443 | CC | Dynamic (Amazon load balancing) | subdomain.itsm-us1.comodo.com | HTTPS | Communication Client  | 
| Telemetry | Dynamic (Amazon load balancing) | cescollector.cwatchapi.com | HTTPS | ||
| Enrollment | Dynamic (Amazon load balancing) | mdmsupport.comodo.com (up to CCC 6.29) comodo.com (CCC 6.30+) (CCC 6.30+) | HTTPS | ||
| Monitoring and alerts | Dynamic (Amazon load balancing) | plugins.itsm-us1.comodo.com | HTTPS | ||
| File rating management | Dynamic (Amazon load balancing) | subdomain.itsm-us1.comodo.com | HTTPS | ||
| Windows push service (XMPP) | 18.197.167.137 34.227.128.175 174.129.244.210   | xmpp.itsm-us1.comodo.com | HTTPS | ||
| SSO | 69.4.89.244 | one-us. comodo.com | HTTPS | ||
| 3rd party patch management |  Dynamic | patchportal.one-us. comodo.com | HTTPS | ||
| Client Security installation | 178.255.82.5 | download. comodo.com | HTTPS | ||
| Cloudflare’s IP range: | cdn.download. comodo.com | HTTPS | |||
| Valkyrie | 178.255.87.4 | valkyrie. comodo.com | HTTPS | Comodo Client Security | |
| Update/upgrade. comodo.com are redirected to  comodo.com 			which is managed by  | 178.255.82.5 | download. comodo.com | HTTPS | ||
| FLEVEN | Dynamic (Amazon load balancing) |  cis.td.security. comodo.com
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
        
         | HTTPS | ||
| CWATCH | Dynamic (Amazon load balancing) | api.mssp. comodo.com | HTTPS | ||
| Updates/upgrades mirror | Cloudflare’s IP range: | cdn.download. comodo.com | HTTPS | ||
| LVS | Dynamic (Amazon load balancing) | s3.us-east-1. amazonaws.com | HTTPS | ||
| Dynamic (Amazon load balancing) | subdomain.itsm-us1.comodo.com | HTTPS | |||
| License verification | 178.255.85.140 | accounts. comodo.com | HTTPS | EM server (on premise) | |
| Google cloud messaging | Dynamic | android.googleapis. com/gcm/send | HTTPS | ||
| Apple push notifications | Dynamic | gateway.push. apple.com | HTTPS | ||
| Local Verdict Server | EM server IP | EM server hostname | HTTPS | ||
| XMPP | 18.197.167.137 34.227.128.175 174.129.244.210 | xmpp.itsm-us1.comodo.com | HTTPS | Remote Control | |
| 80 | Client Security installation | 178.255.82.5 | download. comodo.com | HTTPS | Communication Client  | 
| Cloudflare’s IP range: | cdn.download. comodo.com | HTTPS | |||
| OCSP | Dynamic load balancing | http://ocsp.comodoca.com/ | HTTPS | ||
| CRL | Dynamic load balancing | http://crl. comodoca.com/ | HTTPS | ||
| FLS Lookup | 45.77.153.162 | fls.security. comodo.com | HTTPS | Comodo Client Security | |
| Update/upgrade. comodo.com are redirected to  comodo.com 			which is managed by  | 178.255.82.5 | download. comodo.com | HTTPS | ||
| Updates/upgrades mirror | Cloudflare’s IP range: | cdn.download. comodo.com | HTTPS | ||
| OCSP | Dynamic load balancing | http://ocsp.comodoca.com/ | HTTPS | ||
| CRL | Dynamic load balancing | http://crl.comodoca.com/ | HTTPS | ||
| Apple push notifications | Dynamic | gateway.push.apple.com | HTTPS | EM server (on premise) | |
| 22 | CCS Report Tool | 178.255.85.136 | C1report.comodo.com | SSH | Comodo Client Security | 
| 25 | SMTP server IP | SMTP server hostname | SMTP | EM server (on premise) | |
| 53 | FLS Lookup | 45.77.153.162 | fls.security.comodo.com | UDP | Comodo Client Security | 
| 4447 (Optional) | FLS Lookup | 45.77.153.162 | fls.security.comodo.com | UDP | Comodo Client Security | 
| 4448 (Optional) | FLS Lookup | 45.77.153.162 | fls.security.comodo.com | UDP | Comodo Client Security | 
| 389 | LDAP synchronization | User's LDAP server IP | User's LDAP server IP |  | Comodo Client Communication | 
| LDAP synchronization | User's LDAP server IP | User's LDAP server IP |  | EM server (on premise) | |
| 636 | LDAP synchronization | User's LDAP server IP | User's LDAP server IP |  | Communication Client  | 
| LDAP synchronization | User's LDAP server IP | User's LDAP server IP |  | EM server (on premise) | |
| 2195 | Apple push notifications | Dynamic | gateway.push.apple.com |  | EM server (on premise) | 
| 2196 | Apple push notifications | Dynamic | gateway.push.apple.com |  | EM server (on premise) | 
| 6881, 6882 | Local distribution of packages | Local IP | Local hostname | TCP | Communication Client | 
| 261 | Telementry | 159.203.65.195 | tel.security. comodo.com | HTTPS | Comodo Client Security | 
| 19302 | STUN server | Dynamic (Amazon load balancing) | stun.l.google.com | UDP | Remote Control | 
| Win7+/MacOS. Default port range = 49152-65535 | Direct connection | IP of the RC host AND target host | N/A | UDP | |
| 3478 | Peer-to-peer connection | 18.196.107.208
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             52.29.123.206
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             34.232.133.48
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             18.208.23.45
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             | - | UDP | |
| 3478, 49152 - 65535 | Relay connection | 18.196.107.208
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             52.29.123.206
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             34.232.133.48
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             18.208.23.45
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
            
             | - | UDP | |
| Diagnostics tools | |||||
|---|---|---|---|---|---|
| Service | Purpose | Hostname | IP | Port | Criticality and notes | 
| Bulk Installation Package | Download Bulk Installation Package | bulk-installation-package.itsm-us1.comodo.com | Dynamic(Amazon load Balancing) | 443 | Mandatory only for Bulk Installation Package downloading | 
 
                                         
                                                            