Reset Search



KB44901 - List of Windows Core Exception Rules for Lockdown

« Go Back


Last Modified Date11/9/2021 2:28 AM
This article provides a list of lock down mode core exception rules for Windows.
Problem or Goal

Up through Pulse desktop client version 9.1R10, the lockdown exception rules (core access V1 when reviewing the logs) were pre-defined and administrators could not make configuration adjustments.

Starting with Pulse desktop client 9.1R11, the PCS populates a list of exemptions (core access V2 when reviewing the logs) based on the endpoint platform. Administrators using the Pulse Connect Secure (PCS) version 9.1R11 and later are now allowed to modify and reorder the exemption list. Administrators can also configure the exception rules with allow/deny option.

LSA NetLogonC:\WINDOWS\system32\lsass.exeTCP & UDP*Inbound & Outbound
SCCM NotificationC:\WINDOWS\CCM\SCNotification.exeTCP & UDP*Inbound & Outbound
Printer SpoolerC:\WINDOWS\System32\spoolsv.exeTCP & UDP*Outbound
DHCP - IPv6C:\Windows\System32\svchost.exeUDPL:546 R:547Inbound & Outbound
DHCP - IPv4C:\Windows\System32\svchost.exeUDPL:68 R:67Inbound & Outbound
KerberosSystem ProcessTCP & UDPR:88Outbound
Kerberos Password ChangeSystem ProcessTCP & UDPR:464Outbound
LDAPSystem ProcessTCP & UDPR:389Outbound
LDAPSSystem ProcessTCPR:636Outbound
AD Global CatalogueSystem ProcessTCPR:3268,3269Outbound
SMBSystem ProcessTCP & UDPR:445Outbound
PortmapperSystem ProcessTCPR:135Outbound
SMTPSystem ProcessTCPR:25Outbound
WINSSystem ProcessTCPR:42Outbound
NETBIOSSystem ProcessTCP & UDPR:137,138,139Outbound
NTPSystem ProcessUDPR:123Outbound
Router Solicitation ICMPv6R:133Outbound
Router Advertisement ICMPv6L:134Inbound
Neighbor Solicitation ICMPv6L:135 R:135Inbound & Outbound
Neighbor Advertisement ICMPv6L:136 R:136Inbound & Outbound
Multicast Listener Discovery ICMPv6R:143Outbound


L - Local port

R - Remote port

*(star) -  All ports (wild card)

Related Links
Attachment 1 
Created ByJayanth Chettidurai



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255