Video Screencast Help

what are the deferent ports are used by DLP

Created: 20 Feb 2013 • Updated: 21 Feb 2013 | 3 comments
This issue has been solved. See solution.

Hi

What are different ports are used by DLP . IS it just default or we can chaange this.

Comments 3 CommentsJump to latest comment

Ashish-Sharma's picture

Please find some ports for more details refer Admin guide.

 

Firewall Ports required for Symantec Data Loss Prevention Components
Source Destination Protocol Port Action Comment
Enforce Network Monitor TCP 8100 Allow
Enforce Network Web Prevent TCP 8100 Allow
Enforce Network Mail Prevent TCP 8100 Allow
Enforce Network Discover TCP 8100 Allow
Enforce Endpoint Server TCP 8100 Allow
Endpoint Agent Endpoint server TCP 8000 Allow
Management PC Enforce TCP 443 Allow
Network Discover Target Server TCP 445 Allow This is for CIFS shares
Network Discover Target Server TCP 2049 Allow This is for NFS shares
WebScanner agent Network Discover TCP 8090 Allow This is for webscanner agent
Management PC Enforce, any server TCP 3389 Allow *RDP useful for troubleshooting

Thanks In Advance

Ashish Sharma

 

 

Sumit G's picture

Summary of Ports Used in DLP

https://www-secure.symantec.com/connect/articles/summary-ports-used-dlp

Summary of Ports Used in DLP:

1. Enforce Server (https) -- port: 443 (Windows) -- port: 8443 (Linux)
2. Upgrade Wizard (Enforce) -- port: 8300
3. Communications from Enforce to Oracle Database -- port: 1521
4. Communications from Enforce to Detection Servers -- port: 8100
5. Communications from Endpoint Agents to Enforce Server -- port: 8000
6. Ports used by Network Prevent (Web) -- 80, 8080, as per Proxy specification
7. Ports used by Network Prevent (Email)
    -- MTAResubmitPort: 10026 (default)
    -- ServerSocketPort: 10025 (default)
8. Ports used by Network Discover crawlers and scanners

 

Source Destination Port Comment
Network Discover Target Server 445 This is for CIFS shares
Network Discover Target Server 2049 This is for NFS shares
Scanner agent Network Discover 8090 This is for the scanner agent targets (Sharepoint, Exchange, etc)
Network Discover Oracle Database 1521 This is for Oracle database
Network Discover DB2 50000 This is for IBM DB2
Network Discover MS SQL Server 1433 This is for MS SQL Server
Network Discover Sybase 7100 This is for Sybase
Network Discover MySQL 3306 This is for MySQL
Network Discover Lotus Notes 63148 This is when scanning Lotus Notes using DIIOP
Network Discover Lotus Notes 1352 This is when scanning Lotus Notes with native API
Web Services Agent Network Discover 8090 This is for the web services agent

Notes: The ports used above are default ports. The system administrator at the customer site should be consulted to check if any of the ports used has been modified in their environment.

Regards

Sumit G.