Endpoint Protection

 View Only

  • 1.  port communication

    Posted Mar 19, 2012 12:08 PM

    Hello

    Guide me about the port communication of Sepm. 

    Thanks

    Venktesh



  • 2.  RE: port communication
    Best Answer

    Posted Mar 19, 2012 12:11 PM

     

    Which Communications Ports does Symantec Endpoint Protection use?

     

    http://www.symantec.com/business/support/index?page=content&id=TECH163787

     http://www.symantec.com/business/support/index?page=content&id=TECH102416

     

    Communications Ports and Protocols

     

     

    Port Number Port Type Initiated By Listening Process Description
    80, 8014 TCP SEP Clients svchost.exe (IIS)
    httpd.exe (Apache)    		 Communication between the SEP manager and SEP clients and Enforcers. 
    (8014 in MR3 and later builds, 80 in older).
    The 11.x product line uses IIS. The 12.x product line uses Apache.
    443 TCP SEP Clients svchost.exe (IIS)
    httpd.exe (Apache)    		 Optional secured HTTPS communication between a SEP Manager and SEP clients and Enforcers.
    1433 TCP SEP Manager sqlserver.exe Communication between a SEP Manager and a Microsoft SQL Database Server if they reside on separate computers.
    1812 UDP Enforcer 11.x: w3wp.exe
    12.x: httpd.exe (Apache)    		 RADIUS communication between a SEP Manager and Enforcers for authenticating unique ID information with the Enforcer.
    2638 TCP SEP Manager 11.x: dbsrv9.exe
    12.1.x: dbsrv11.exe    		 Communication between the Embedded Database and the SEP Manager.
    2967 TCP SEP Clients Smc.exe The Group Update Provider (GUP) proxy functionality of SEP client listens on this port.
    8005/8765 TCP SEP Manager SemSvc.exe This is the Tomcat Shutdown port.
    In the 11.x product line SEP Manager listens on the Tomcat default port of 8005 except RU7 uses 8765.  Also in 12.x product line port 8765 is used instead.
    8045 TCP SEP Manager SemSvc.exe In the SEP 11 RU6 SEPM, the registry is started by the Tomcat servlet container. CreamTec's AjaxSwing uses the existing registry to communicate with its client agents that run in stand alone mode
    8443 TCP Remote Java or 
    Web Console    		 SemSvc.exe HTTPS communication between a remote management console and the SEP Manager. All login information and administrative communication takes place using this secure port.
    8444 TCP Symantec Protection Center v 2.X SemSvc.exe This is the SEPM web services port. SPC 2.X makes Data Feed and Workflow requests to SEPM over this port.
    8445 TCP Reporting Console httpd.exe (Apache) Added in 12.1.x. HTTPS reporting console
    9090 TCP Remote Web Console SemSvc.exe Initial HTTP communication between a remote management console and the SEP Manager (to display the login screen only).
    39999 UDP Enforcer SNAC.exe (Windows SNAC)
    CClientCtl.exe (Windows ODC)
    SNAC
    (Mac SNAC/ODC)    		 Communication between the SEP Cients and the Enforcer. This is used to authenticate Clients by the Enforcer.


  • 3.  RE: port communication

    Broadcom Employee
    Posted Mar 19, 2012 01:09 PM

    Hi,

    Go through following KB for more details

    Which Communication Ports does Symantec Endpoint Protection 11.0 use?

    http://www.symantec.com/docs/TECH102416

    Ports and Protocols to be allowed when using a proxy in a SEP environment.  

    http://www.symantec.com/docs/TECH131843 

    I hope it will help you !!!



  • 4.  RE: port communication

    Posted Mar 20, 2012 08:03 AM

    For SEP 12 https://www-secure.symantec.com/connect/articles/symantec-endpoint-protection-manager-requires-tcp-port-information

    Symantec Endpoint Protection Manager requires TCP port information.

     

    Symantec Endpoint Protection Manager uses TCP 9090 to display the Symantec Endpoint Protection Manager console. If other software is listening on this port, you cannot log on to the Symantec Endpoint Protection Manager console. Note that Symantec IM Manager uses TCP port 9090. If you are required to run Symantec Endpoint Protection Manager console on a computer that also requires other software that uses TCP port 9090, you can change the port for Symantec Endpoint Protection Manager console.

     

    To change TCP port 9090, edit the following file with WordPad

    \Symantec\Symantec Endpoint Protection Manager\tomcat\conf\server.xml

    Search for port=9090 and change 9090 to a different TCP port number. Save the file, and then restart Symantec Endpoint Protection Manager service.

     

    We can then log on to the Symantec Endpoint Protection Manager console. Be aware, however, that changing port 9090 partially disables the online Help system. Every time you use Help, you will have to change 9090 in the URL to the changed port number to display the Help text.

     

    The default port for Enforcer communication with Symantec Endpoint Protection Manager is 8014

    The default port for non-encrypted communication (HTTP) with the Symantec Endpoint Protection Manager has been changed from 80 to 8014. Encrypted communications (HTTPS) continue to use port 443. This port setting applies to all types of Enforcers.