Cannot install in heavily firewalled environment

newcastleuniversity / puppet_module_microsoft_defender_atp_agent

Adapted from https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/linux-install-with-puppet

0 stars 0 forks source link

Closed ChrisRitson closed 1 year ago

ChrisRitson commented 2 years ago

In a heavily firewalled build environment, the use of port 80 needs to be explicit to prevent the use of a special-purpose key-server port.

threepistons commented 2 years ago

My approach to this is:

set the port by default to 443, as outbound port filtering of uncommon ports is likely to be a common problem in the kind of organisation that wants Defender on machines;
allow the module consumer to override the keyserver using parameters.

I prefer 443 over 80 to prevent man-in-the-middle attacks.