We are currently on v10.6.6.0 and in preparation for v11 upgrade. Our firewall team validated that all FW ports are open from SA Head to downstream servers. However, during telnet testing the ports are still failing (One IP allowed 15671 port in test). A RSA Support engineer said that these ports cannot be validated while on v10.6.6 and we would need to be on v11 in order to validate these specific ports. I just wanted to make sure this statement is true and valid before upgrade. Thanks.