Preparing the IT infrastructure for Kaspersky Sandbox installation
Before installation of the application, prepare your corporate IT infrastructure:
Ensure that the servers, the computer intended for managing the application web interface, and the workstations intended for the installation of the EPP (Kaspersky Endpoint Security) and Kaspersky Endpoint Agent satisfy the hardware and software requirements.
Prepare the corporate IT infrastructure for installation of Kaspersky Sandbox:
For both network interfaces, block access of the Kaspersky Sandbox server to the corporate LAN in order to keep the network safe from the objects being analyzed.
For the first network interface, allow Internet access for the Kaspersky Sandbox server for the purpose of analysis of object behavior.
For the second network interface:
Allow inbound connections to the Kaspersky Sandbox server on the following ports:
TCP 22 for connection to the server over the SSH protocol.
TCP 80 and 8443 for using the application web interface.
TCP 443 for interacting with external systems over the REST API interface, for adding servers to a cluster, for balancing object processing tasks between servers in the cluster.
TCP 3301 for synchronizing data about processed objects between servers in the cluster.
UDP 15000 for interacting with the Network Agent (nagent) of the Kaspersky Security Center.
Allow outbound connections from the Kaspersky Sandbox server on the following ports:
TCP 443 and 80 for database update.
TCP 13000 and 14000 for synchronizing data with the Network Agent (nagent) of Kaspersky Security Center. Ports are configured on the side of Kaspersky Security Center. TCP 13000 and 14000 are default values, you can modify them.
Allow direct inbound connections between workstations that have EPP and Kaspersky Endpoint Agent installed and the Kaspersky Sandbox without a proxy server.
Configure network equipment to allow an encrypted communication link between Kaspersky Sandbox servers.
If needed, you can designate other ports for Kaspersky Sandbox to use in the administrator menu of the Kaspersky Sandbox server. If you change the ports in the administrator menu, you need to allow connections to these ports in your corporate IT infrastructure.