Follow the below procedures provided by Symantec Support.
Ports and hostnames used by Messaging Gateway
TECH94152
Last Updated October 04, 2019
Situation
- Symantec Messaging Gateway (SMG) scanner, control center, or combination server cannot access LiveUpdate.
- SMG does not allow an update to the latest version.
Cause
The SMG server cannot route correctly to the update servers due to external firewall.
Solution
The following table illustrates the firewall ports and hostnames used by Symantec Messaging Gateway products:
HOSTNAME | PROTOCOL | PORT |
swupdate.brightmail.com | TCP | 443 |
register.brightmail.com | TCP | 443 |
probes.brightmail.com | TCP | 443 |
aztec.brightmail.com | TCP | 443 |
liveupdate.symantec.com | TCP | 80 |
liveupdate.symantecliveupdate.com | TCP | 80 |
definitions.symantec.com | TCP | 80 |
securityresponse.symantec.com | TCP | 80 |
rules.ara.brightmail.com | TCP | 443 |
For customers wishing to secure the outbound communications from their SMG hosts, use these hostnames to define the allowed endpoints.
If firewalls that require an IP address only are needed, and the SMG hosts only require HTTPS access, Symantec recommends using a web proxy to facilitate this communication and to use the access control policy within the web proxy to control the allowed destinations.
The hosts that are required for normal operation are below. These hostnames in turn resolve to a number of different IP addresses and may change at times in the future:
- register.brightmail.com
- swupdate.brightmail.com
- probes.brightmail.com
- aztec.brightmail.com
- liveupdate.symantec.com
- liveupdate.symantecliveupdate.com
- definitions.symantec.com
- securityresponse.symantec.com
- rules.ara.brightmail.com
Once you completed the above procedures, follow below recommendations.
- Check and investigate from Sonicwall Firewall (In our case SMG download is blocked by Gateway Antivirus)
- Allow SMG update server IP 152.195.132.120 from your Gateway Antivirus