Clients communicate with SEPM using sylink.xml file, Sylink.xml contains SEPM ip address and port number (ex 8014) . SMC.exe service on the client will read this file and try to communicate SEPM via 8014.Therefore on client it will be 8014 outbound and on server 8014 Inbound.
8014 is tcp so it is when the client checks in, the server can issue commands over the same handshake. If you are using stateful firewalls you will see one connection from client to server over 8014.
Here is the Answer:
1. client-to-server>>>>> port used- 8014 ( So on firewall it will be Inbound only)
2. server-to-client>>>>> port used- TCP ephemeral port on clients.
For management servers and clients:
TCP 8014 for management servers, by default.
TCP ephemeral port on clients.
Please see the same discussion and confirmation from Matt
https://www-secure.symantec.com/connect/forums/sep...
Please mark the thread if it answers your question :)
Good day