Communication ports used by Deep Security

  • Updated:
    • 29 Sep 2016
  • Product/Version:
    • Deep Security 8.0
    • Deep Security 9.0
    • Deep Security 9.5
    • Deep Security 9.6
  • Platform:
    • HPUX 11.x
    • IBM AIX
    • Linux - Red Hat RHEL 4 32-bit
    • Linux - Red Hat RHEL 4 64-bit
    • Linux - Red Hat RHEL 5 32-bit
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 6 32-bit
    • Linux - Red Hat RHEL 6 64-bit
    • Linux - SuSE 10
    • Linux - SuSE 11
    • Unix - Solaris (Sun) version 10 (SunOS 5.10)
    • Unix - Solaris (Sun) version 9 (SunOS 5.9)
    • VMware ESX 4.0
    • VMware ESX 4.1
    • VMware ESX 5.0
    • VMware ESXi 4.0
    • VMware ESXi 4.1
    • VMware ESXi 5.0
    • VMware vCenter 5.0
    • Windows 2003 Enterprise
    • Windows 2008 Enterprise
Summary

Learn which ports Deep Security uses for communication to and from the Deep Security Manager (DSM), Deep Security Agent (DSA), and Deep Security Relay (DSR), as well as for database, virtual appliance, and syslog communication.

The information below is for Deep Security On-Premise only. For Deep Security as a Service (DSaaS), please check this article: Restricting Outbound Access from Agents over Port 443.
Details

Deep Security Manager

Port | Direction | Purpose
4118 (TCP) | From Manager to the Agent | Agent's listening port. Manager-to-Agent communication.
4120 (TCP) | From the Agent to the Manager | The "heartbeat" port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager.
4119 (TCP) | Going to the Deep Security Manager console | Used by your browser to connect to Deep Security Manager. Also used for Deep Security Relay to retrieve software packages from Deep Security Manager.
443 (TCP) | From Manager to VMware vCenter, ESXi Host, vCloud Director, vShield/NSX Manager, AWS Server | Used to communicate with ESXi (DSVA Deployment), vCloud Director, vCenter and vShield/NSX Manager. Also used to retrieve the list of computers from Amazon Web Services (AWS).
25 (TCP) | From Manager to SMTP server | Communication to an SMTP server to send email alerts (configurable: DSM > Administration > System Settings > SMTP).
53 (TCP) | From Manager to DNS | For DNS lookup.
389, 636 (TCP) | Manager to LDAP server | Connection to an LDAP server for Active Directory integration (configurable: DSM > Computers > Computers (right-click) > Add Directory wizard). 389 for non-SSL / 636 for SSL.

Deep Security Agent/Virtual Appliance

Port | Direction | Purpose
4118 (TCP) | From Manager to the Agent/Appliance | Manager-to-Agent/Appliance communication. Agent/Appliance's listening port.
4120 (TCP) | From the Agent/Appliance to the Manager | The "heartbeat" port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager.
5274 (TCP) | Outgoing | Connection to Local Web Reputation Server.
80/443 (TCP) | Outgoing | Connection to Global Web Reputation Server, Global File Reputation Server and Local File Reputation Server.

Deep Security Relay

Port | Direction | Purpose
4118 (TCP) | From Manager to the Relay | Deep Security Manager sends commands to Deep Security Relay.
4122 (TCP) | From Manager/Agent to the Relay | Relay listening port. Manager-to-Relay communication for retrieving components, and Agent/Appliance retrieval of updatable components.
80 and 443 (TCP) | From Relay to the Internet | iAU Security Updates.

Database Communication

Port | Direction | Purpose
1433 (TCP) | Bi-directional | Microsoft SQL server
1521 (TCP) | Bi-directional | Oracle SQL Server

Syslog Communication

Port | Direction | Purpose
514 (UDP) | Bi-directional | Communication with Syslog server. (Configurable: DSM > Administration > System Settings > SIEM).

Control Manager (TMCM) Communication

Port | Direction | Purpose
80 or 443 | Outgoing destination port | Connection with TMCM
4119 | Source port from DSM | Connection with TMCM
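
The Manager, Agent/Virtual Appliance and Relay tables above can be used as an allowlist when reviewing firewall or flow logs. The following is an added example, not Trend Micro code: it checks flow records (connection initiator, destination, protocol, destination port) against those three tables and reports any connection into a Deep Security component that the tables do not list. The role names, hostnames and flow records are constructed for illustration.

```python
# Allowed flows between Deep Security components, from the tables on this page.
# Role names, hostnames, and sample flows are constructed for illustration.
ALLOWED = {
    ("manager", "agent", "tcp", 4118),  # Manager-to-Agent/Appliance
    ("agent", "manager", "tcp", 4120),  # heartbeat
    ("admin", "manager", "tcp", 4119),  # browser to Manager console
    ("relay", "manager", "tcp", 4119),  # Relay retrieves software packages
    ("manager", "relay", "tcp", 4118),  # Manager sends commands to Relay
    ("manager", "relay", "tcp", 4122),  # Manager retrieves components
    ("agent", "relay", "tcp", 4122),    # Agent/Appliance retrieves components
}
COMPONENTS = {"manager", "agent", "relay"}

def audit(flows, roles):
    """Return flows into a Deep Security component that the matrix does not allow.

    flows: iterable of (src_host, dst_host, proto, dst_port)
    roles: dict of host -> role; hosts not listed get the role "other".
    Flows whose destination is not a component (SMTP, reputation servers,
    and so on) are out of scope here and are skipped.
    """
    findings = []
    for src, dst, proto, port in flows:
        src_role = roles.get(src, "other")
        dst_role = roles.get(dst, "other")
        if dst_role not in COMPONENTS:
            continue
        if (src_role, dst_role, proto.lower(), port) not in ALLOWED:
            findings.append((src, dst, proto, port, f"{src_role}->{dst_role}"))
    return findings

# Constructed inventory and flow records (not real data).
ROLES = {"dsm01": "manager", "agent01": "agent", "relay01": "relay", "admin01": "admin"}
FLOWS = [
    ("dsm01", "agent01", "TCP", 4118),         # expected
    ("agent01", "dsm01", "TCP", 4120),         # expected heartbeat
    ("admin01", "dsm01", "TCP", 4119),         # expected console access
    ("agent01", "relay01", "TCP", 4122),       # expected component retrieval
    ("agent01", "203.0.113.10", "TCP", 443),   # external destination, skipped
    ("agent01", "dsm01", "TCP", 4118),         # wrong direction for 4118
    ("ws77", "agent01", "TCP", 4118),          # non-Manager source to Agent port
]

if __name__ == "__main__":
    for finding in audit(FLOWS, ROLES):
        print("UNEXPECTED", finding)
```

Extending the allowlist to the database, syslog and TMCM tables requires adding roles for those servers to the inventory.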