How to change the Enforce console port in DLP

Article ID: 160399

Products

Data Loss Prevention Enforce, Data Loss Prevention

Issue/Introduction

How to change the port used by the Symantec Data Loss Prevention (DLP) Enforce console.

Resolution

Windows

The Enforce console uses port 443 by default on Windows. To change the port, edit the port attribute of the Connector element in the server.xml file for the installed version:

  • C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.7\Protect\tomcat\conf\server.xml
  • C:\Program Files\Symantec\DataLossPrevention\EnforceServer\15.8.00000\Protect\tomcat\conf\server.xml

<Connector port="443" maxThreads="150" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" URIEncoding="UTF-8" SSLEnabled="true">

Restart the SymantecDLPManager service after changing the port number.

Linux

All ports below 1024 are restricted, which means applications cannot bind to those ports when running from a non-privileged account. The Enforce console uses port 8443 by default on Linux. DLP automatically creates an iptables entry to forward all traffic received on port 443 to 8443. To change the port, edit the iptables entry so that it forwards traffic from the new destination port to port 8443. The entry has the following form; the --dport value (443 here) is the port that clients connect to:

[root@enforce /]# iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443
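Added example (not part of the original article or the product): because `-A` appends a rule rather than replacing one, the script below reads an `iptables -t nat -S PREROUTING` listing and prints the commands that delete any other redirect to 8443 and add the one for the new port. The sample listing, the function names and the target port 9443 are constructed for illustration.

```shell
#!/bin/sh
# Added example: print the iptables commands that move the Enforce console
# redirect to a new port. It only prints commands; it changes nothing itself.

ENFORCE_PORT=8443   # Linux listening port of the Enforce console (from the article)

# Constructed sample of `iptables -t nat -S PREROUTING` on a default install.
sample_rules() {
  cat <<'EOF'
-P PREROUTING ACCEPT
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
EOF
}

# plan_redirect NEW_PORT: reads a rule listing on stdin, writes commands to stdout.
# The body is a subshell so its variables do not leak into the caller.
plan_redirect() (
  new_port=$1
  have_new=0
  case $new_port in
    ''|0*|*[!0-9]*|??????*) echo "invalid port: $new_port" >&2; exit 2 ;;
  esac
  [ "$new_port" -le 65535 ] || { echo "invalid port: $new_port" >&2; exit 2; }

  while IFS= read -r line; do
    case $line in
      "-A PREROUTING "*"--dport "*" -j REDIRECT --to-ports $ENFORCE_PORT")
        dport=${line#*--dport }
        dport=${dport%% *}
        if [ "$dport" = "$new_port" ]; then
          have_new=1                       # wanted redirect already present
        else
          # Stale redirect: delete it, otherwise the old port keeps answering.
          echo "iptables -t nat -D${line#-A}"
        fi ;;
    esac
  done

  # No redirect is needed when clients connect to the listening port directly.
  if [ "$have_new" -eq 0 ] && [ "$new_port" -ne "$ENFORCE_PORT" ]; then
    echo "iptables -t nat -A PREROUTING -p tcp --dport $new_port -j REDIRECT --to-port $ENFORCE_PORT"
  fi
)

# Demo with a constructed target port (9443); review the output, then run it as root.
sample_rules | plan_redirect 9443
```

On a live server, pipe the real listing into the function instead of `sample_rules`, then confirm with `iptables -t nat -S PREROUTING` that only the intended redirect remains.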

Additional Information

See article Ports used by Symantec DLP for more information about default port assignments.