Product guide
Required ports
Make sure that your network security software doesn't block ports and services that are needed for
Intel
®
AMT communications.
Add these ports, services, and processes as exclusions in the security policy settings of your network
security software such as firewall or intrusion prevention system.
Services installed on Agent Handler or McAfee ePO
Service Feature Ports Description
ServiceAMT.exe Intel
®
AMT
policy
enforcement
• 16993 (Policy configuration and
remote management features)
• 16995 (Redirection over TLS for
IDE-Redirection, Serial-over-LAN,
and KVM)
This service loads the
required plug-in and
performs the
out-of-band actions
on the client.
AMTGatewayService.exe Remote
Access
• 11112 (AMTGatewayService
listens to this port for Intel
®
AMT
connections. The tunneling proxy
also uses it to forward connections
from the Intel
®
AMT systems.)
• 1080 (SOCKS proxy for Remote
Access)
• 8080 (HTTP proxy for Remote
Access)
This service acts as a
proxy responsible for
mediating
communication
between the Agent
Handler and Intel
®
AMT systems for
Remote Access.
Apache.exe Remote
Access
• 1080 (SOCKS proxy for Remote
Access)
• 8080 (HTTP proxy for Remote
Access)
This acts as proxy for
SOCKS and HTTP
proxy requests
needed for Remote
Access tunnel.
Stunnel.exe Remote
Access
• 11111 (Stunnel uses this port to
send data received from the Intel
®
AMT systems to the ePO Deep
Command Gateway server)
• 12345 (This port is the default
port that the Intel
®
AMT platform
uses to connect to the Gateway
server.)
• 16993 (Policy configuration and
remote management features)
• 16995 (Redirection over TLS for
IDE-Redirection, Serial-over-LAN,
and KVM)
This service acts as
the SSL tunneling
proxy between the
Agent Handler and
Intel
®
AMT systems
for Remote Access.
Installation
Requirements
2
McAfee ePO Deep Command 2.1.0 Product Guide
21