Networking and Firewall

Inbound port 443/TCP must be open on the FDC server for management dashboard access and agent connections. This port does not require public exposure if users and agents operate within a company VPN; internal network access is sufficient.

Outbound HTTPS (port 443) connections to the endpoints listed below must be allowed, with SSL inspection disabled. All traffic to these URLs should bypass interception and pass through unaltered.

Source	Destination	Port	Protocol	Purpose
Admin systems	FDC server	443, 22	HTTPS, SSH	Admin access to FDC server dashboard and shell
Endpoint systems	FDC server	443	HTTPS	FDC agent communication with server
FDC server	https://assets.master.k3s.getvisibility.com	443	HTTPS	Custom K3s installation files
FDC server	https://images.master.k3s.getvisibility.com	443	HTTPS	Private Docker registry
FDC server	https://charts.master.k3s.getvisibility.com	443	HTTPS	Private Helm registry
FDC server	https://prod-eu-west-1-starport-layer-bucket.s3.eu-west-1.amazonaws.com	443	HTTPS	Docker registry AWS CDN
FDC server	https://rpm.rancher.io	443	HTTPS	Rancher RPM repo for SELinux packages - RHEL/CentOS only, required during K3s install
FDC server	https://agents.master.k3s.getvisibility.com	443	HTTPS	Agent client binaries and Office add-ins
FDC server	https://api.master.k3s.getvisibility.com	443	HTTPS	Private API server
FDC server	https://rancher.%5Breseller%5D.k3s.getvisibility.com	443	HTTPS	Rancher management server. [reseller] is one of: master, forcepointemea, fpemea, forcepointapac, forcepointus, saas, forcepointpocemea, forcepointpocapac, forcepointpocus.
FDC server	https://registry2.getvisibility.com/content/artifacts	443	HTTPS	Agent packages

Network speed requirements:

Minimum: 40 Mbps download, 8 Mbps upload
Recommended for faster initial setup: 100 Mbps download or more.

Note: K3s may attempt to reach git.rancher.io (a hard-coded default repository). This can safely be blocked - Forcepoint uses its own private repository and blocking this URL has no impact on deployment.