Saudações a todos,
Segue resumão de portas utilizadas pelo TrendMicro Deep Security. Mapa e descrição abaixo.
Core
Port |
Direction |
Purpose |
4118 (TCP) |
From Manager to the Agent |
Agents listening port. Manager-to-Agent communication. |
4120 (TCP) |
From the Agent to the Manager |
The “heartbeat” port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager. |
4119 (TCP) |
Going to the Deep Security Manager console |
Used by your browser to connect to Deep Security Manager. Also used for Deep Security Relay to retrieve software packages from Deep Security Manager. |
443 (TCP) |
From Manager to VMware vCenter, ESXi Host, vCloud Director, vShield/NSX Manager, AWS Server |
Used to communicate with ESXi (DSVA Deployment), vCloud Director, vCenter and vShield/NSX Manager. Used also to retrieve list of computers from Amazon Web Services (AWS). |
25 (TCP) |
From Manager to SMTP server |
Communication to an SMTP server to send email alerts (configurable: DSM > Administration > System Settings >SMTP). |
53 (TCP) |
From Manager to DNS |
For DNS lookup |
389, 636 (TCP) |
Manager to LDAP server |
Connection to an LDAP Server for Active Directory integration (configurable: DSM > Computers > Computers (right-click) >Add Directory wizard). 389 for Non SSL / 636 for SSL. |
Deep Security Agent/Virtual Appliance
Port |
Direction |
Purpose |
4118 (TCP) |
From Manager to the Agent/Appliance |
Manager-to Agent/Appliance-communication. Agent/Appliance’s listening port. |
4120 (TCP) |
From the Agent/Appliance to the Manager |
The “heartbeat” port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager. |
5274 (TCP) |
Outgoing |
Connection to Local Web Reputation Server |
80/443 (TCP) |
Outgoing |
Connection to Global Web Reputation Server,Global File Reputation Server and Local File Reputation Server |
Deep Security Relay
Port |
Direction |
Purpose |
4118 (TCP) |
From Manager to the Relay |
Deep Security Manager sends commnands to Deep Security Relay. |
4122 (TCP) |
From Manager/Agent to the Relay |
Relay listening port. Manager to Relay communication for retrieving components, and Agent/Appliance retrieve updatable components |
80 and 443 (TCP) |
From Relay to the Internet |
iAU Security Updates |
Database Communication
Port |
Direction |
Purpose |
1433 (TCP) |
Bi-directional |
Microsoft SQL server |
1521 (TCP) |
Bi-directional |
Oracle SQL Server |
Syslog Communication
Port |
Direction |
Purpose |
514 (UDP) |
Bi-directional |
Communication with Syslog server. (Configurable: DSM >Administration > System Settings > SIEM). |
Control Manager (TMCM) Communication
Port |
Direction |
Purpose |
80 or 443 |
Outgoing destination port |
Connection with TMCM |
4119 |
Source port from DSM |
Connection with TMCM |