Endpoint Protection

Query:- If we configure GUP working on 2967 Port , So GUP server is telnet on 2967 from SEP agent and also required Port 80 ??

and second From SEPM to GUP We need to open SAme as Port 80 ??

GUP is also a client so it needs port 80 to talk to SEPM like all others.

For clients to take updates from GUP. 2967 should be open.

***********************************************************************

When you make a computer as GUP , that means its providing a service, when you are providing a service, there is PORT (like door) associated with that, 

If I say HTTP service, its on port 80 , DNS on 53, simillary GUP on 2967 ( Configurable thought !!)

yes, client will still need to talk to SEPM for definition, hence client should able to contact GUP on 2967 and SEPM on assigned port ( 8014 or 80).

Hello,

Please understand: 

Here, SEPM  <----communicates----->  SEP and vice versa on port 80/8014, when it comes to SEP client which works as Group Update Provider, the proxy functionality of SEP client listens on 2967port.

Reference: http://www.symantec.com/docs/TECH102416

http://www.symantec.com/docs/HOWTO26654

GUP to SEPM (80 or 8014)

GUP to Client ( 2967)

Client to SEPM  (80 or 8014)

GUP in a JUST NORMAL SEP Client

When SEPM pushes the defs, it doesn't telnet to the client and then push the defs.

It pushes the def on the port that is configuired, if the port is open the defs go to the client.

If telent is no connecting to a machine on specfic port that doesn't mean that the port is blocked.