The Systems Management (PCSM) dynamic load balancing technology means that no single IP address is ever assigned to the PCSM configuration. This greatly increases our platform resilience as we have no single point of failure.
If you are configuring a firewall for Systems Management, access should be open, outbound to the following IP addresses:

IP addresses
EU (Ireland)

MDM only


IP addresses for the tunnel grid server
Agent to Agent connectivity and remote takeover (RDP, Screenshare VNC etc) is dependent on a “Tunnel server” to initiate the connection between devices. Tunnel servers are connection relays hosted by Panda Security and build connections between devices to enable remote takeover sessions to occur.
These tunnel servers are located around the globe to provide maximum coverage and the best performance depending on your location.

To make the most out of the tunnel server grid, please ensure that the IP addresses relevant to your geographic location are open on your perimetral devices and your endpoints’ firewalls. Access should be open, outbound, on TCP port 443:

EU (Ireland)

EU (Frankfurt)

US East (Virginia)

US West (Oregon)

Southamerica (Sao Paulo)

APAC (Sydney)

APAC (Singapore)

Niddle East (Bahrain)

IP address for future use
EU (Ireland)

US East (Virginia)

US West (Oregon)

In addition to IP addresses, some firewalls, proxies or security appliances may require access to the URL of the service as well as the IP address. If you are using a proxy or security appliance, ensure that the relevant URL’s to your platform are whitelisted. Please note that they are all https / 443 outbound:

Web Service

  • https://01sm-ws.pandasecurity.com
  • https://sm-agent.pandasecurity.com
  • https://sm-audit.pandasecurity.com
  • https://sm-monitoring.pandasecurity.com

Agent Updates

  • https://update.pandasecurity.com

Web portal

  • https://sm.pandasecurity.com
  • https://sm-realtime.pandasecurity.com

Control channel

  • 01sm-cc.pandasecurity.com
  • sm-cc.pandasecurity.com

Tunnel server

  • sm-ts.pandasecurity.com

Component library

  • https://sm-cpt.pandasecurity.com
  • https://sm-cpt.pandasecurity.com.s3.amazonaws.com


  • https://pcsm-sm.pandasecurity.com

Future references

  • https://sm-cc.pandasecurity.com
  • https://sm-audit.pandasecurity.com


  • Port 13300 (TCP / UDP) used for the agent discovery.
    Please note that part of streamlining Agent-to-platform communication for this release requires the deprecation of Connection Brokers. As functionality becomes increasingly reliant on the Agent Process rather than the Agent Service, Connection Brokers add a level of complexity that is no longer necessary.
  • Port 13229 (TCP/UDP), for local cache connections.
  • Port 6800 (TCP) used for Agent communication with the process used to obtain software installers for Software Management policies.
  • Port 5223, 2195, 2196, 1640 for Apple notification services.

Source : Official Panda Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.