Sign In with your
Trend Micro Account

Sign in to MySupport

Need Help?

Need More Help?

Create a technical support case if you need further support.

Communication ports used by Deep Security

- Updated:
- 6 Feb 2019
- Product/Version:
- Deep Security 10.0
- Deep Security 10.1
- Deep Security 10.2
- Deep Security 10.3
- Deep Security 11.0
- Deep Security 9.6
- Platform:
- HPUX 11.x
- IBM AIX
- Linux - Red Hat RHEL 4 32-bit
- Linux - Red Hat RHEL 4 64-bit
- Linux - Red Hat RHEL 5 32-bit
- Linux - Red Hat RHEL 5 64-bit
- Linux - Red Hat RHEL 6 32-bit
- Linux - Red Hat RHEL 6 64-bit
- Linux - SuSE 10
- Linux - SuSE 11
- Unix - Solaris (Sun) version 10 (SunOS 5.10)
- Unix - Solaris (Sun) version 9 (SunOS 5.9)
- VMware ESX 4.0
- VMware ESX 4.1
- VMware ESX 5.0
- VMware ESXi 4.0
- VMware ESXi 4.1
- VMware ESXi 5.0
- VMware vCenter 5.0
- Windows 2003 Enterprise
- Windows 2008 Enterprise

Summary

Learn about the different ports that Deep Security uses to communicate or connect to and from the Deep Security Manager (DSM), Deep Security Agent (DSA), Deep Security Relay (DSR), database communication, virtual appliance communication, and syslog communication.

The information below is for Deep Security On-Premise only. For Deep Security as a Service (DSaaS), please check this article: Restricting Outbound Access from Agents over Port 443.

Details

Deep Security Manager

Port	Direction	Purpose
4118 (TCP)	From Manager to Agent	Agents listening port. Manager-to-Agent communication.
4120 (TCP)	From the Agent to Manager	The "heartbeat" port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager.
4119 (TCP)	Going to Deep Security Manager console	Used by your browser to connect to Deep Security Manager. Also used for Deep Security Relay to retrieve software packages from Deep Security Manager.
443 (TCP)	From Manager to VMware vCenter, ESXi Host, vCloud Director, vShield/NSX Manager, AWS Server	Used to communicate with ESXi (DSVA Deployment), vCloud Director, vCenter and vShield/NSX Manager. Used also to retrieve list of computers from Amazon Web Services (AWS).
25 (TCP)	From Manager to SMTP server	Communication to an SMTP server to send email alerts (configurable: DSM > Administration > System Settings > SMTP).
53 (TCP)	From Manager to DNS	For DNS lookup
389, 636 (TCP)	Manager to LDAP server	Connection to an LDAP Server for Active Directory integration (configurable: DSM > Computers > Computers (right-click) > Add Directory wizard). 389 for Non SSL / 636 for SSL.

Deep Security Agent/Virtual Appliance

Port	Direction	Purpose
4118 (TCP)	From Manager to Agent/Appliance	Manager-to Agent/Appliance-communication. Agent/Appliance's listening port.
4120 (TCP)	From Agent/Appliance to Manager	The "heartbeat" port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager.
5274 (TCP)	Outgoing	Connection to Local Web Reputation Server
80/443 (TCP)	Outgoing	Connection to Global Web Reputation Server,Global File Reputation Server and Local File Reputation Server

Deep Security Relay

Port	Direction	Purpose
4118 (TCP)	From Manager to the Relay	Deep Security Manager sends commands to Deep Security Relay.
4122 (TCP)	From Manager/Agent to the Relay	Relay listening port. Manager to Relay communication for retrieving components, and Agent/Appliance retrieve updatable components
80 and 443 (TCP)	From Relay to Internet	iAU Security Updates

Database Communication

Port	Direction	Purpose
1433 (TCP)	Bi-directional	Microsoft SQL server
1521 (TCP)	Bi-directional	Oracle SQL Server

Syslog Communication

Port	Direction	Purpose
514 (UDP)	Manager-Initiated	Communication with Syslog server. (Configurable: DSM > Administration > System Settings > SIEM).

Control Manager (TMCM) Communication

Port	Direction	Purpose
80 or 443	Outgoing destination port	Connection with TMCM
4119	Source port from DSM	Connection with TMCM

For more information, refer to this Deep Security Help Center article: Port numbers, URLs, and IP addresses.

Rating:

Category:

Configure

Solution Id:

1060007

Feedback

Did this article help you?

Thank you for your feedback!

What was the problem with this article?

The image(s) in the article did not display properly.

The article did not provide detailed procedure.

The article is hard to understand and follow.

The video did not play properly.

The article did not resolve my issue.

Others. Please specify.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

Thanks for voting.

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:

We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.