Forum Discussion
Azure ATP Sensor tries to connect to public IPs
After installing Azure ATP Sensor on a domain controller for testing, I see a number of failed connection attempt to external IPs (specifically our public DNS IPs) on ports 3389, 135, 137 from that d...
If we block outbound traffic from the domain controllers to ports 135, 137, & 3389 to our public DNS resolvers, will this cause an issue or generate any alerts for the Azure ATP sensor. We're looking to harden firewall traffic and only permit 53 outbound from the DC to trusted DNS servers.
EliOfek
Microsoft
MicrosoftAzureGuineaPig As long as the FW will refuse connection immediately and not act as a sink hole it should be fine.