The following table lists the standard network ports used in Symantec DLP. Some of them can be changed to custom ports if required; however, we recommend leaving them at their defaults whenever possible. Some of these details are in the DLP Guides as well.
DLP Ports
Purpose | Protocol | Default Port | Bi-Directional / Uni-Directional | Notes |
Enforce Server Console (Windows) | TCP | 443 | Uni-Directional | How to change the Enforce console port in DLP |
Enforce Server Console (Linux) | TCP | 8443 | Uni-Directional | How to change the Enforce console port in DLP |
Communications from Enforce to Oracle Database | TCP | 1521 | Uni-Directional | |
Communications from Enforce to Detection Servers | TCP | 8100 | Uni-Directional | How to change the MonitorController port |
Communications from Endpoint Agents to Endpoint Servers (version 12.5+) | TCP | 10443 | Uni-Directional | What Port is used by the Endpoint Agent to communicate with the Endpoint Server? |
Ports Used by Network Discover Crawlers and Scanners | Many | Many | | What ports are used by Discover? |
Ports Used by Network Prevent for Email (MTAResubmitPort) | TCP | 10026 | Uni-Directional | Is a SMTP Email Client installed with Network Prevent for SMTP? |
Ports Used by Network Prevent for Email (ServerSocketPort) | TCP | 10025 | Uni-Directional | Is a SMTP Email Client installed with Network Prevent for SMTP? |
Ports Used by Network Prevent for Web | TCP | 1344 | Uni-Directional | How to test ICAP connectivity to DLP Web Prevent |
Kerberos port for Enforce AD Authentication | UDP | 88 | | Configure Active Directory Authentication for DLP |
SMTP server for system alerts and response rule email notifications | TCP | 25 | Uni-Directional | |
Syslog server for system alerts | TCP | 514 | Uni-Directional | Generating Syslog messages from Data Loss Prevention |
Syslog server for response rule notifications | TCP | 514 | Uni-Directional | Generating Syslog messages from Data Loss Prevention |
Active Directory connection for LDAP lookup plug-ins, user groups, and user list, user risk summary (not secure) | TCP | 389 | Uni-Directional | |
Active Directory connection for LDAP lookup plug-ins, user groups, and user list, user risk summary (secure) | TCP | 636 | Uni-Directional | Does Live LDAP Lookup support Secure LDAP / LDAPS Symantec Data Loss Prevention |
Connection to Data Insight Server | TCP | 443 | | |
OCR Server Port | TCP | 8555 | Uni-Directional | |
Network Discover Grid Leader Port | TCP | 39990 in version 16.1; 61616 in prior versions | Bi-Directional | |
DLP 15.0+ Embedded Apache Tomcat (communication between Enforce Server processes related to DLP appliance management) | TCP | 8080 | | Symantec Data Loss Prevention uses port 8080 to manage virtual and hardware appliances |
Connection between Enforce and Domain Controller Agent | TCP | 443 | Uni-Directional | |