quarta-feira, novembro 22, 2017
Breaking News
Home » Antivirus » Deep Security Communication Ports

Deep Security Communication Ports

Saudações a todos,

Segue resumão de portas utilizadas pelo TrendMicro Deep Security. Mapa e descrição abaixo.

DeepSecurotyCommunicationPortsCore

Port Direction Purpose
4118 (TCP) From Manager to the Agent Agents listening port. Manager-to-Agent communication.
4120 (TCP) From the Agent to the Manager The “heartbeat” port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager.
4119 (TCP) Going to the Deep Security Manager console Used by your browser to connect to Deep Security Manager. Also used for Deep Security Relay to retrieve software packages from Deep Security Manager.
443 (TCP) From Manager to VMware vCenter, ESXi Host, vCloud Director, vShield/NSX Manager, AWS Server Used to communicate with ESXi (DSVA Deployment), vCloud Director, vCenter and vShield/NSX Manager. Used also to retrieve list of computers from Amazon Web Services (AWS).
25 (TCP) From Manager to SMTP server Communication to an SMTP server to send email alerts (configurable: DSM > Administration > System Settings >SMTP).
53 (TCP) From Manager to DNS For DNS lookup
389, 636 (TCP) Manager to LDAP server Connection to an LDAP Server for Active Directory integration (configurable: DSM > Computers > Computers (right-click) >Add Directory wizard). 389 for Non SSL / 636 for SSL.

Deep Security Agent/Virtual Appliance

Port Direction Purpose
4118 (TCP) From Manager to the Agent/Appliance Manager-to Agent/Appliance-communication. Agent/Appliance’s listening port.
4120 (TCP) From the Agent/Appliance to the Manager The “heartbeat” port, used by Deep Security Agents and Appliances to communicate with the Deep Security Manager.
5274 (TCP) Outgoing Connection to Local Web Reputation Server
80/443 (TCP) Outgoing Connection to Global Web Reputation Server,Global File Reputation Server and Local File Reputation Server

Deep Security Relay

Port Direction Purpose
4118 (TCP) From Manager to the Relay Deep Security Manager sends commnands to Deep Security Relay.
4122 (TCP) From Manager/Agent to the Relay Relay listening port. Manager to Relay communication for retrieving components, and Agent/Appliance retrieve updatable components
80 and 443 (TCP) From Relay to the Internet iAU Security Updates

Database Communication

Port Direction Purpose
1433 (TCP) Bi-directional Microsoft SQL server
1521 (TCP) Bi-directional Oracle SQL Server

Syslog Communication

Port Direction Purpose
514 (UDP) Bi-directional Communication with Syslog server. (Configurable: DSM >Administration > System Settings > SIEM).

Control Manager (TMCM) Communication

Port Direction Purpose
80 or 443 Outgoing destination port Connection with TMCM
4119 Source port from DSM Connection with TMCM

Sobre Diego Duarte

Diego Duarte Atua como coordenador de NOC, toca um violãozinho nas horas vagas e tenta eternamente entender o que o fez escolher TI

Veja também!

Trend Micro encontra grupo brasileiro com 5 mil hackers no Telegram

O aplicativo de mensagens Telegram, que ganhou popularidade entre os usuários brasileiros após os dois …

Este artigo lhe foi útil? comente e ajude outros acrescentando seu ponto de vista!