Hi Team,
In the environment, there is one SEPM server which resides on the internal network and is not published on the internet. This creates a problem that when a user is not on the corporate network and is at home, if any virus alert is created, SEPM server will only be notifed once this user joins the corporate network either via VPN or by physically connecting it in the office.
However, we intend to enhance this capability by publishing our SEPM servér's specific ports over the internet so that the endpoints, even if not on corporate network, can send their logs/data to SEPM server. In this regard, the following link seems to suggest that only port 443 should work fine however, i would look forward to an SME's advise on this.
In addition to this, is it possible that we deploy a new SEPM server inside a DMZ network, publish it over the internet on, say port 443, and this DMZ SEPM would receive the logs/updates from the clients over the internet and then sync. with internal SEPM server. Kindly advise on this design and which ports would we need to open between the DMZ SEPM and the internal SEPM server?
ref link:
Communication ports used by Endpoint Protection------------------------------
kashif
------------------------------