Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Ports and protocols used by OfficeScan/Apex One that should be allowed through a firewall or router

    • Updated:
    • 19 May 2021
    • Product/Version:
    • Apex Central 2019
    • Apex Central All.All
    • OfficeScan 10.6
    • OfficeScan 11.0
    • OfficeScan 11.0
    • OfficeScan XG
    • OfficeScan XG.All
    • Platform:
Summary

This article enumerates the different ports and protocols used in OfficeScan/Apex One, which should be allowed to communicate via firewall or router. This is typically the scenario in case the customer deployed either an OfficeScan/Apex One server or a client/agent in a DMZ or they have segmented their network into multiple subnets.

Details
Public
  • Agent/Server communication port - It is a random 5-digit port number set during installation. To determine this port number, check the "Client_LocalServer_Port" parameter in the \PCCSRV\ofcscan.ini file.
  • NetBIOS ports - This uses TCP/UDP port 137, TCP port 139, and TCP port 445. These ports are used when installing clients/agents via Remote Install and when clients/agents send quarantined files to the server using the UNC path.
  • Communication with Control Manager/Apex Central - MCP agent uses TCP port 80 on HTTP or TCP port 443 on HTTPS to communicate with Control Manager/Apex Central.
  • License ports - These allow access to the Trend Micro License Server via TCP port 443.
  • Standalone Smart Protection Server - If Standalone Smart Protection Server is used in the environment, File Reputation Service for smart scan uses port 80 for HTTP and port 443 for HTTPS. Web Reputation Service uses port 5274. The web console uses port 4343 for HTTPS.
  • Unmanaged endpoints checking - This port (TCP 135 by default) is used by the OfficeScan/Apex One server to check with those unreachable and determine whether it’s managed by another OfficeScan/Apex One server. This port can be configured through the following menu path: OfficeScan/Apex One web console > Assessment > Unmanaged Endpoints > Define scope.
  • SQL - SQL will by default use TCP port 1433 to communicate with the SQL Server hosting the OfficeScan/Apex One database.
  • SNMP - If SNMP is enabled, it will use UDP ports 161 and 162 by default.
  • SMTP - Email notifications will use the standard SMTP port TCP 25.
 
IPs are not included as they can change frequently and without notice.

Some using ports vary depanding on the OfficeScan/Apex One version:

  • Apex One web console port - To determine this port number, check the "Master_DomainPort" and "Master_SSLPort" parameter in the \PCCSRV\ofcscan.ini file.
    Web Server and SettingsPorts
    HTTPHTTPS (SSL)Direction
    IIS default website with SSL enabled80 (not configurable)443 (not configurable)Inbound
    IIS virtual website with SSL enabled8080 (configurable)4343 (configurable)Inbound
  • Integrated Smart Protection Server - Smart Protection Server provides File Reputation Service (FRS) and Web Reputation Service (WRS). The port numbers used for FRS and WRS depend on the web server the OfficeScan server uses. Refer to the following tables:
    Web Server and SettingsPorts For File Reputation Service
    HTTPHTTPS (SSL)Direction
    IIS default website80443Bi-Directional
    IIS virtual website80804343Bi-Directional
    Web Server and SettingsHTTP Port For Web Reputation ServiceDirection
    IIS default website with SSL enabled80Bi-Directional
    IIS virtual website with SSL enabled8080Bi-Directional
     
    Apache server is no longer in use for OfficeScan XG and Apex One.
     

    To change the ports of your Web Reputation Services and File Reputation Services, refer to the KB article: Manually changing the ISPS ports of OfficeScan.

  • Edge Relay Server Off-Premise management- The Off-Premise endpoint report backs up logs, submits samples, and updates the Suspicious Object (SO) List to the Edge server. The port information is shown below:
    Web Server and SettingsHTTPS Listen PortDirection
    External (Agent to Edge)443 (configurable)Inbound
    Internal (Edge server to Apex One server)4343 (default)Inbound

    Edge Relay Server Off-Premise management

  • OfficeScan web console port - To determine this port number, check the "Master_DomainPort" and "Master_SSLPort" parameter in the \PCCSRV\ofcscan.ini file.
    Web Server and SettingsPorts
    HTTPHTTPS (SSL)Direction
    IIS default website with SSL enabled80 (not configurable)443 (not configurable)Bi-directional
    IIS virtual website with SSL enabled8080 (configurable)4343 (configurable)Bi-directional
  • Integrated Smart Protection Server - Smart Protection Server provides File Reputation Service (FRS) and Web Reputation Service (WRS). The port numbers used for FRS and WRS depend on the web server the OfficeScan server uses. Refer to the following tables:
    Web Server and SettingsPorts For File Reputation Service
    HTTPHTTPS (SSL)Direction
    IIS default website80443Bi-directional
    IIS virtual website80804343Bi-directional
    Web Server and SettingsHTTP Port For Web Reputation ServiceDirection
    IIS default website with SSL enabled80Bi-directional
    IIS virtual website with SSL enabled8080Bi-directional
     
    Apache server is no longer in use for OfficeScan XG.
     

    To change the ports of your Web Reputation Services and File Reputation Services, refer to the KB article: Manually changing the ISPS ports of OfficeScan.

  • Edge Relay Server Off-Premise management- The Off-Premise endpoint report backs up logs, submits samples, and updates the Suspicious Object (SO) List to the Edge server. The port information is shown below:
    Web Server and SettingsHTTPS Listen PortDirection
    External (Agent to Edge)443 (configurable)Inbound
    Internal (OfficeScan server to Edge)10669 (configurable)Bi-Directional
Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
1054836
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.