Installation guide

ManualsBrandsMcafee ManualsOtherFIREWALL 2.1-GETTING STARTED

151

152

153

154

155

156

157

158

159

160

151

Security Management Center Ports

The table below lists all default ports SMC uses internally and with external components. Many

of these ports can be changed. The name of corresponding default Service elements are also

included for your reference. For information on communications between SMC components and

the engines, see the separate listings.

Table B.1 Security Management Center Default Ports

Listening

Host

Port/

Protocol

Contacting

Hosts

Service Description

Service Element

Name

Additional

Management

Servers

8902-

8913/TCP

Management

Server

Database replication (push) to the

additional Management Server.

SG Control

Authentication

Server

8925-

8929/TCP

Management

Server

Security Management Server

commands to Authentication Server.

SG Authentication

Commands

Authentication

Server node

8988-

8989/TCP

Authentication

Server node

Data synchronization between

Authentication Server nodes.

SG Authentication

Sync

DNS server

53/UDP,

53/TCP

Management

Client,

Management

Server, Log Server

DNS queries. DNS (UDP)

LDAP server 389/TCP

Management

Server

External LDAP queries for display/

editing in the Management Client.

LDAP (TCP)

Log Server

162/UDP,

5162/UDP

Monitored third-

party components

SNMPv1 trap reception from third-

party components. Port 162 is used

if installed on Windows, port 5162 if

installed on Linux.

SNMP (UDP)

Log Server

514/TCP,

514/UDP,

5514/TCP,

5514/UDP

Monitored third-

party components

Syslog reception from third-party

components. Port 514 is used if

installed on Windows, port 5514 if

installed on Linux.

Syslog (UDP)

[Partial match]

Log Server 2055/UDP

Monitored third-

party components

NetFlow or IPFIX reception from third-

party components. Port 2055 is used

in both Windows and Linux.

NetFlow (UDP)

Log Server 3020/TCP

Authentication

Server,

Log Server,

Web Portal Server,

Security Engines

Alert sending from the Authentication

Server, Log Server, and Web Portal

Server.

Log and alert messages; monitoring

of blacklists, connections, status,

and statistics from Security Engines.

SG Log

Log Server

8914-

8918/TCP

Management

Client

Log browsing. SG Data Browsing

Log Server

8916-

8917/TCP

Web Portal Server Log browsing.

SG Data Browsing

(Web Portal

erver)