This article enumerates the different ports and protocols used in OfficeScan, which should be allowed to communicate via firewall or router. This is typically the scenario in case the customer deployed either an OfficeScan server or a client/agent in a DMZ or they have segmented their network into multiple subnets.
The following lists the ports that are used in the OSCE client/agent and server communication:
Remote Installation Process:
TCP is port 139 and 445 on the client/agent. These ports are used to browse the workstation and/or they use the Find function to locate the client/agent.
The OfficeScan Server with IIS or Apache as the webserver.
|Web Server and Settings||Ports|
|Apache web server with SSL enabled||8080 (configurable)||4343 (configurable)|
|IIS default website with SSL enabled||80 (not configurable)||443 (not configurable)|
|IIS virtual website with SSL enabled||8080 (configurable)||4343 (configurable)|
The client/agent listening port is randomly generated or specifically indicated while installing the OfficeScan Server. Clients/Agents that are installed from the same server will all use the same client/agent listening port.
Once the OSCE client/agent service has started, it sends a CGI command over HTTP to the OSCE Server with relevant information (including IP address). It uses the TCP port 8080 or whatever port is configured in the IIS to communicate with the server.
If you are using a firewall or router in your network, you need to allow communication on the following ports:
- Client/Agent communication port - It is a random 5-digit port number set during installation. To determine this port number, check the "Client_LocalServer_Port" parameter in the \PCCSRV\ofcscan.ini file.
- OfficeScan Web console port - It depends on the Web site used and if SSL is enabled. See the table below. To determine this port number, check the "Master_DomainPort" parameter in the \PCCSRV\ofcscan.ini file.
Web Server and Settings Ports HTTP HTTPS (SSL) Apache web server with SSL enabled 8080 (configurable) 4343 (configurable) IIS default website with SSL enabled 80 (not configurable) 443 (not configurable) IIS virtual website with SSL enabled 8080 (configurable) 4343 (configurable)
- Smart Scan Server Web console port - It uses TCP port 8080.
- NetBIOS ports - This uses TCP/UDP port 137, TCP port 139, and TCP port 445. These ports are used when installing clients/agents via Remote Install and when clients/agents send quarantined files to the server using the UNC path.
- Integrated Smart Scan Server scan query port - It depends on the web site used and if SSL is enabled. Refer to the following table.
Apache IIS Default web site Virtual web site HTTP 8080 80 8082 HTTPS 4343 or 4345 443 4345
- Standalone Smart Scan Server scan query port - If you are using http:///tmcss, TCP port 80 is used. If you are using https:///tmcss, TCP port 443 is used.
- LDAP port - It uses TCP port 389. This is used when the Security Compliance function retrieves Active Directory information.
- MCP agent (for communication with Control Manager) - It uses TCP port 80 on HTTP or TCP port 443 on HTTPS.
- License ports - TCP and UDP allow access to the Trend Micro License Server via port 80, 60162, and 60163.
- File Reputation - HTTPS uses 4345 while HTTP uses 8082.
- Web Reputation - HTTPS uses 5274.