Endpoint Protection

  • 1.  Communication ports for SEPM, v11

    Posted Apr 07, 2010 09:53 AM
    Hello Everyone,

    I have successfully set up SEP, with dedicated machines running SEPMs and SQL along with replication.  There are already about 700 clients, would gradually go up to 3500+.

    The next step is to secure them with Windows Firewall, as SQL and the SEPMs are running on Windows Server 2003.  The following communication ports are planned to be excluded for its functioning.

    Communication ports exclusion

      SQL server - TCP 1433 (only from SEPMs)

      SEPM - TCP 8014
             TCP 8443
             TCP 9090

    Our communication settings are set to Pull.

    I would appreciate any comment or suggestion.

    Sincerely,


  • 2.  RE: Communication ports for SEPM, v11

    Posted Apr 07, 2010 09:59 AM
    Looks good to me... here is the complete list of ports used:

    Which communication ports does Symantec Endpoint Protection 11.0 use

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007090614430148


  • 3.  RE: Communication ports for SEPM, v11

    Posted Apr 07, 2010 10:25 AM

    Hello Rafeeq,

    As a matter of fact, that is the document I used to decide on the ports in a testing environment.  The only difference is that in the production setup I also have replication.  Unfortunately, I cannot test replication similar to production.

    Do you think I need any other ports for replication, and how about TCP 8005, where Tomcat listens?  Please advise!

    Sincerely,



  • 4.  RE: Communication ports for SEPM, v11

    Posted Apr 07, 2010 10:33 AM
    For replication

    8443 is used by the remote console to communicate with SEPM and the Replication Partners to replicate data.
    8005 should be excluded as well.


  • 5.  RE: Communication ports for SEPM, v11

    Posted Apr 07, 2010 10:35 AM


  • 6.  RE: Communication ports for SEPM, v11

    Posted Apr 07, 2010 11:56 AM

    I have a SEPM built from the ground up starting with MR42, then upgraded to RU5.  It was supposed to be communicating over port 8014 for client traffic, and that's what I excluded in my firewall.  Nothing was working.  I did a netstat -a from a command line on the SEPM itself and saw clients communicating over HTTP, which is 80.  Double check to see exactly what port clients are using.



  • 7.  RE: Communication ports for SEPM, v11

    Posted Apr 07, 2010 12:35 PM

    Hello Blenahan,

    You have to make sure that the "Management Server List" has the correct custom port setting.  If there are users, for whatever reason, trying to connect to SEPM on port 80 (the default port), now that you are using custom port 8014, then you might try dropping the current sylink.xml onto the client and see if that makes a difference.

    Rafeeq:  Thank you for your info. In the next couple of days I will be modifying the firewall settings on the SQL and SEPM servers and will report back on how it goes!

    Sincerely,
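
The check suggested in post 6 (run netstat on the SEPM and see which port clients actually use) can be scripted and compared with the exception list planned in post 1 plus TCP 8005 from post 4. This is an added example, not part of the original thread; the netstat sample and its addresses are constructed, and the function names are hypothetical.

```python
# Added example: find listening ports that have inbound clients but are
# missing from the planned firewall exception list discussed in the thread.
PLANNED_SEPM_PORTS = {8014, 8443, 9090, 8005}  # TCP ports named in the thread

# Constructed sample of Windows `netstat -an` output (addresses are made up).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8014           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8443           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8005           0.0.0.0:0              LISTENING
  TCP    10.0.0.5:80            10.0.1.21:1067         ESTABLISHED
  TCP    10.0.0.5:80            10.0.1.22:1190         TIME_WAIT
  TCP    10.0.0.5:8443          10.0.2.9:2044          ESTABLISHED
  TCP    10.0.0.5:1301          10.0.0.6:1433          ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

def parse_tcp(netstat_text):
    """Yield (local_port, remote_ip, state) for each TCP row."""
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0].upper() != "TCP":
            continue  # skips headers, blank lines and stateless UDP rows
        local_port = int(parts[1].rsplit(":", 1)[1])
        remote_ip = parts[2].rsplit(":", 1)[0]
        yield local_port, remote_ip, parts[3]

def inbound_by_port(netstat_text):
    """Map each listening port to the set of remote hosts connected to it."""
    rows = list(parse_tcp(netstat_text))
    listening = {port for port, _, state in rows if state == "LISTENING"}
    clients = {port: set() for port in listening}
    for port, remote, state in rows:
        # Rows whose local port is not a listener are outbound (e.g. SEPM to SQL).
        if state != "LISTENING" and port in listening:
            clients[port].add(remote)
    return clients

def firewall_gaps(netstat_text, allowed=PLANNED_SEPM_PORTS):
    """Ports with inbound clients that the planned exception list would block."""
    return {port: sorted(hosts)
            for port, hosts in inbound_by_port(netstat_text).items()
            if hosts and port not in allowed}

if __name__ == "__main__":
    for port, hosts in sorted(firewall_gaps(SAMPLE_NETSTAT).items()):
        print(f"TCP {port} has clients but no exception: {', '.join(hosts)}")
```

A non-empty result before the firewall is enabled means either the exception list or the clients' Management Server List port needs to change, which is the situation posts 6 and 7 describe.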