Saudações a todos,
Segue resumão de portas utilizadas pelo TrendMicro Deep Security. Mapa e descrição abaixo.
Core
| Port |
Direction |
Purpose |
| 4118 (TCP) |
From Manager to the Agent |
Agents listening port. Manager-to-Agent communication. |
| 4120 (TCP) |
From the Agent to the Manager |
The “heartbeat” port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager. |
| 4119 (TCP) |
Going to the Deep Security Manager console |
Used by your browser to connect to Deep Security Manager. Also used for Deep Security Relay to retrieve software packages from Deep Security Manager. |
| 443 (TCP) |
From Manager to VMware vCenter, ESXi Host, vCloud Director, vShield/NSX Manager, AWS Server |
Used to communicate with ESXi (DSVA Deployment), vCloud Director, vCenter and vShield/NSX Manager. Used also to retrieve list of computers from Amazon Web Services (AWS). |
| 25 (TCP) |
From Manager to SMTP server |
Communication to an SMTP server to send email alerts (configurable: DSM > Administration > System Settings >SMTP). |
| 53 (TCP) |
From Manager to DNS |
For DNS lookup |
| 389, 636 (TCP) |
Manager to LDAP server |
Connection to an LDAP Server for Active Directory integration (configurable: DSM > Computers > Computers (right-click) >Add Directory wizard). 389 for Non SSL / 636 for SSL. |
Deep Security Agent/Virtual Appliance
| Port |
Direction |
Purpose |
| 4118 (TCP) |
From Manager to the Agent/Appliance |
Manager-to Agent/Appliance-communication. Agent/Appliance’s listening port. |
| 4120 (TCP) |
From the Agent/Appliance to the Manager |
The “heartbeat” port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager. |
| 5274 (TCP) |
Outgoing |
Connection to Local Web Reputation Server |
| 80/443 (TCP) |
Outgoing |
Connection to Global Web Reputation Server,Global File Reputation Server and Local File Reputation Server |
Deep Security Relay
| Port |
Direction |
Purpose |
| 4118 (TCP) |
From Manager to the Relay |
Deep Security Manager sends commnands to Deep Security Relay. |
| 4122 (TCP) |
From Manager/Agent to the Relay |
Relay listening port. Manager to Relay communication for retrieving components, and Agent/Appliance retrieve updatable components |
| 80 and 443 (TCP) |
From Relay to the Internet |
iAU Security Updates |
Database Communication
| Port |
Direction |
Purpose |
| 1433 (TCP) |
Bi-directional |
Microsoft SQL server |
| 1521 (TCP) |
Bi-directional |
Oracle SQL Server |
Syslog Communication
| Port |
Direction |
Purpose |
| 514 (UDP) |
Bi-directional |
Communication with Syslog server. (Configurable: DSM >Administration > System Settings > SIEM). |
Control Manager (TMCM) Communication
| Port |
Direction |
Purpose |
| 80 or 443 |
Outgoing destination port |
Connection with TMCM |
| 4119 |
Source port from DSM |
Connection with TMCM |
