IT Connect
Information technology tools and resources at the UW

Firewalls and Managed Workstation

Managed Workstation uses Windows Firewall to protect your Managed Workstation, and no other firewall should be necessary.

If a host-based firewall program is installed, our practice is to remove it because it will interfere with our ability to manage and protect your Managed Workstation. If you’d like to install and manage your own host-based firewall, Managed Workstation is unlikely to be a good fit, so we presume any such installation is accidental.

However, we recognize that some customers need additional network layer (subnet) protections to meet regulatory compliance or to address the protection needs of other devices on the networks shared with your Managed Workstations. UW’s Managed Firewall service is an example of a network layer firewall.

In that scenario, we require that your network firewall permit the following traffic. This allows us to maintain, manage and protect your Managed Workstation. Without this access, we cannot maintain your Managed Workstations.

Network firewall configuration required

The ports:

tcp 53, 80, 88, 135, 137, 139, 389, 443, 445, 636, 3268, 3269, 5985, 5986, *
udp 53, 88, 123, 135, 137, 138, 389, 445, 5985, 5986

* A range of dynamic RPC ports for the RPC endpoint mapper needs access. By default, this is a large set of ports: 49152-65535/TCP.

need to be granted access to:

  • 128.95.155.0/25
  • 140.142.55.0/24
  • 172.16.31.0/24
  • 172.16.102.0/24
  • 172.16.103.0/24
  • 172.22.1.0/24
  • 172.22.122.0/27
  • 172.25.155.0/24
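
One way to check an existing network firewall policy against the list above is to audit its allow rules offline. The following is an added example, not UW tooling: the rule format (protocol, low port, high port, remote CIDR) and the sample rules are assumptions constructed for illustration, and traffic direction is not modeled.

```python
import ipaddress

# Requirements copied from the page above.
TCP_PORTS = [53, 80, 88, 135, 137, 139, 389, 443, 445, 636, 3268, 3269, 5985, 5986]
UDP_PORTS = [53, 88, 123, 135, 137, 138, 389, 445, 5985, 5986]
RPC_DYNAMIC = (49152, 65535)  # default dynamic RPC range, TCP only
SUBNETS = ["128.95.155.0/25", "140.142.55.0/24", "172.16.31.0/24",
           "172.16.102.0/24", "172.16.103.0/24", "172.22.1.0/24",
           "172.22.122.0/27", "172.25.155.0/24"]

def required():
    """Yield (proto, low, high, network) for every requirement on the page."""
    for cidr in SUBNETS:
        net = ipaddress.ip_network(cidr)
        for port in TCP_PORTS:
            yield ("tcp", port, port, net)
        yield ("tcp", *RPC_DYNAMIC, net)
        for port in UDP_PORTS:
            yield ("udp", port, port, net)

def covered(req, rules):
    """True if one allow rule spans the whole port range and the whole subnet.

    Conservative: a range covered only by the union of several rules
    is reported as a gap so that it gets a manual look.
    """
    proto, low, high, net = req
    for r_proto, r_low, r_high, r_cidr in rules:
        r_net = ipaddress.ip_network(r_cidr)
        if (r_proto == proto and r_low <= low and high <= r_high
                and net.subnet_of(r_net)):
            return True
    return False

def missing(rules):
    """Return the requirements that no allow rule satisfies."""
    return [(p, lo, hi, str(n)) for p, lo, hi, n in required()
            if not covered((p, lo, hi, n), rules)]

# Constructed sample policy (hypothetical, not a real configuration).
SAMPLE_RULES = [
    ("tcp", 0, 65535, "128.95.155.0/24"),
    ("udp", 0, 65535, "128.95.155.0/24"),
    ("tcp", 443, 443, "0.0.0.0/0"),
]

if __name__ == "__main__":
    for proto, lo, hi, cidr in missing(SAMPLE_RULES):
        ports = str(lo) if lo == hi else f"{lo}-{hi}"
        print(f"missing allow: {proto}/{ports} <-> {cidr}")
```
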