What firewall port must be open for sensor console communications?
Article ID: 287336
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Carbon Black Hosted EDR (formerly Cb Response Cloud)
Issue/Introduction
What firewall port must be open for sensor to server communication?
Environment
- EDR Server: All Versions
- EDR Sensor: All Versions
Resolution
To establish sensor to server communications port 443 is required to be open for sensor to server communication
Additional Information
- Communication default protocol is HTTPS
- For clusters; sensor will register and check in to the primary and be assigned a "datastore" minion node at registration in a round robin way to load balance. Firewall communication should be open for primary and minion nodes for all endpoints.
- 443 is default and configurable (on-premise systems) to utilize a different port
- Communication does not need to be bi-directional. The sensor initiates communicates with the server and the server only responds
- All upgrades package, live response, and group changes happen at sensor check-in where the server will respond with the new info that the sensor will take back.
Feedback
Yes
No
Powered by
