Installation guide

Security Engine Ports
Table B.2 Security Engine and Master Engine Default Ports (Continued)

| Listening Host | Port/Protocol | Contacting Hosts | Service Description | Service Element Name |
|---|---|---|---|---|
| Firewall, Layer 2 Firewall, IPS, Master Engine | 4987/TCP | Management Server | Management Server commands and policy upload. | SG Commands |
| Firewall, Layer 2 Firewall, IPS | 8888/TCP | Management Server | Connection monitoring for engine versions 5.1 and lower. | SG Legacy Monitoring |
| Firewall, Layer 2 Firewall, IPS, Master Engine | 15000/TCP | Management Server, Log Server | Blacklist entries. | SG Blacklisting |
| Firewall, Layer 2 Firewall, IPS, Master Engine | 161/UDP | SNMP server | SNMP monitoring. | SNMP (UDP) |
| IPS Cluster Node | 3000-3001/UDP; 3002-3003, 3010/TCP | IPS Cluster Node | Heartbeat and state synchronization between clustered IPS engines. | SG State Sync (Multicast), SG State Sync (Unicast), SG Data Sync |
| LDAP server | 389/TCP | Firewall, Master Engine | External LDAP queries, including StartTLS connections. | LDAP (TCP) |
| Layer 2 Firewall Cluster Node | 3000-3001/UDP; 3002-3003, 3010/TCP | Layer 2 Firewall Cluster Node | Heartbeat and state synchronization between clustered Layer 2 Firewalls. | SG State Sync (Multicast), SG State Sync (Unicast), SG Data Sync |
| Log Server | 3020/TCP | Firewall, Layer 2 Firewall, IPS, Master Engine | Log and alert messages; monitoring of blacklists, connections, status, and statistics. | SG Log |
| Management Server | 3021/TCP | Firewall, Layer 2 Firewall, IPS, Master Engine | System communications certificate request/renewal (initial contact). | SG Initial Contact |
| Management Server | 3023/TCP | Firewall, Layer 2 Firewall, IPS, Master Engine | Monitoring (status) connection. | SG Status Monitoring |
| Management Server | 8906/TCP | Firewall, Layer 2 Firewall, IPS | Management connection for single engines with “Node-Initiated Contact to Management Server” selected. | SG Dynamic Control |
| RADIUS server | 1812, 1645/UDP | Firewall, Master Engine | RADIUS authentication requests. | RADIUS (Authentication), RADIUS (Old) |