McAfee KnowledgeBase - Ports needed by ePO 4.x and ePO 5.0 for communication thr...

Ports needed by ePO 4.x and ePO 5.0 for communication through a firewall

Technical Articles ID: KB66797
Last Modified: March 25, 2013

Environment
- McAfee Agent 4.x
- McAfee ePolicy Orchestrator 5.0
- McAfee ePolicy Orchestrator 4.x

For details of all supported operating systems, see KB51109.

Summary
The following tables display the ports needed by ePolicy Orchestrator (ePO) for communication through a firewall.

For the purpose of this article:
- Bi-directional means that a connection can be initiated from either direction
- Inbound means the connection is initiated by a remote system
- Outbound means the connection can be initiated by the local system

ePO 4.5:

| Port | Default | Description | Traffic direction |
|---|---|---|---|
| Agent to server communication port | 80 | TCP port opened by the ePO Server service to receive requests from agents. The repository is also hosted on this port. | Bi-directional between the Agent Handler and the ePO server and inbound to the Agent Handler from the McAfee Agent. |
| Agent communicating over SSL (4.5 and later agents only) | 443 | By default, 4.5 agents should communicate over SSL (443 by default). | Inbound connection to the Agent Handler from the McAfee Agent. |
| Agent wake-up communication port; SuperAgent repository port | 8081 | TCP port opened by agents to receive agent wakeup requests from the ePO server. TCP port opened to replicate repository content to a SuperAgent repository. | Outbound connection from the ePO server/Agent Handler to the McAfee Agent. |
| Agent broadcast communication port | 8082 | UDP port opened by SuperAgents to forward messages from the ePO server/Agent Handler. | Outbound connection from the SuperAgents to other McAfee Agents. |
| Console-to-application server communication port | 8443 | HTTPS port opened by the ePO Application Server service to allow web browser UI access. | Inbound connection to the ePO server from ePO Console. |
| Client-to-server authenticated communication port | 8444 | HTTPS port opened by the ePO Application Server service to receive RSD connections. Also used by the Agent Handler to talk to the ePO server to get required information (like LDAP servers). | Inbound connection to the ePO server from the Rogue System Sensor. Outbound connection from remote Agent Handlers to the ePO server. |
| Security threats communication port | 8801 | HTTP port hosted by McAfee Labs for retrieving security threat feed. Note that this port cannot be changed. | Outbound connection from the ePO server to the external McAfee Labs server. |
| SQL server TCP port | 1433 | TCP port used to communicate with the SQL server. This port is specified or determined automatically during the setup process. | Outbound connection from the ePO server/Agent Handler to the SQL server. |
| SQL server UDP port | 1434 | UDP port used to request the TCP port that the SQL instance hosting the ePO database is using. | Outbound connection from the ePO server/Agent Handler to the SQL server. |
| Default LDAP server port | 389 | LDAP connection to look up computers, users, groups, and Organizational Units for User Based Policies. | Outbound connection from the ePO server/Agent Handler to an LDAP server. |
| Default SSL LDAP server port | 636 | User Based Policies use the LDAP connection to look up users, groups, and Organizational Units. | Outbound connection from the ePO server/Agent Handler to an LDAP server. |

https://kc.mcafee.com/corporate/index?page=content&id=KB66797&pmv=print

05/06/2013

ePO 4.6 and 5.0:

| Port | Default | Description | Traffic direction |
|---|---|---|---|
| Agent to server communication port | 80 | TCP port opened by the ePO Server service to receive requests from agents. | Bi-directional between the Agent Handler and the ePO server and inbound to the Agent Handler from the McAfee Agent. |
| Agent communicating over SSL (4.5 and later agents only); Software Manager | 443 | By default, 4.5 agents should communicate over SSL (443 by default). This port is also used for the remote Agent Handler to communicate with the ePO Master Repository. | Inbound connection to the Agent Handler from the McAfee Agent. |
| Agent wake-up communication port; SuperAgent repository port | 8081 | TCP port opened by agents to receive agent wakeup requests from the ePO server. TCP port opened to replicate repository content to a SuperAgent repository. | Outbound connection from the ePO server/Agent Handler to the McAfee Agent. |
| Agent broadcast communication port | 8082 | UDP port opened by SuperAgents to forward messages from the ePO server/Agent Handler. | Outbound connection from the SuperAgents to other McAfee Agents. |
| Console-to-application server communication port | 8443 | HTTPS port opened by the ePO Application Server service to allow web browser UI access. | Inbound connection to the ePO server from ePO Console. |
| Client-to-server authenticated communication port | 8444 | HTTPS port opened by the ePO Application Server service to receive RSD connections. Also used by the Agent Handler to talk to the ePO server to get required information (like LDAP servers). | Inbound connection to the ePO server from the Rogue System Sensor. Outbound connection from remote Agent Handlers to the ePO server. |
| Security threats communication port | 8801 | HTTP port hosted by McAfee Labs for retrieving security threat feed. Note that this port cannot be changed. | Outbound connection from the ePO server to the external McAfee Labs server. |
| SQL server TCP port | 1433 | TCP port used to communicate with the SQL server. This port is specified or determined automatically during the setup process. | Outbound connection from the ePO server/Agent Handler to the SQL server. |
| SQL server UDP port | 1434 | UDP port used to request the TCP port that the SQL instance hosting the ePO database is using. | Outbound connection from the ePO server/Agent Handler to the SQL server. |
| Default LDAP server port | 389 | LDAP connection to look up computers, users, groups, and Organizational Units for User Based Policies. | Outbound connection from the ePO server/Agent Handler to an LDAP server. |
| Default SSL LDAP server port | 636 | User Based Policies use the LDAP connection to look up users, groups, and Organizational Units. | Outbound connection from the ePO server/Agent Handler to an LDAP server. |

ePO (Ports/Traffic Quick Reference):

Agent Handler:

| Default Port | Protocol | Traffic direction |
|---|---|---|
| 80 | TCP | Bi-directional connection to/from the Agent Handler |
| 389 | TCP | Outbound connection from the Agent Handler |
| 443 | TCP | Inbound connection to the Agent Handler |
| 636 | TCP | Outbound connection from the Agent Handler |
| 1433 | TCP | Outbound connection from the Agent Handler |
| 1434 | UDP | Outbound connection from the Agent Handler |
| 8081 | TCP | Outbound connection from the Agent Handler |
| 8444 | TCP | Outbound connection from the Agent Handler |

ePO Server:

| Default Port | Protocol | Traffic direction |
|---|---|---|
| 80 | TCP | Bi-directional connection to/from the ePO server |
| 389 | TCP | Outbound connection from the ePO server |
| 443 | TCP | Inbound/Outbound connection to/from the ePO server |
| 636 | TCP | Outbound connection from the ePO server |
| 1433 | TCP | Outbound connection from the ePO server |
| 1434 | UDP | Outbound connection from the ePO server |
| 8081 | TCP | Outbound connection from the ePO server |
| 8443 | TCP | Inbound connection to the ePO server |
| 8444 | TCP | Inbound connection to the ePO server |
| 8801 | TCP | Outbound connection from the ePO server |

McAfee Agent:

| Default Port | Protocol | Traffic direction |
|---|---|---|
| 80 | TCP | Outbound connection to the ePO server/Agent Handler |
| 443 | TCP | Outbound connection to the ePO server/Agent Handler |
| 8081 | TCP | Inbound connection from the ePO server/Agent Handler. If the agent is a SuperAgent repository then inbound connection from other McAfee Agents. |
| 8082 | UDP | Inbound connection to Agents. Inbound/Outbound connection from/to SuperAgents |

SQL Server:

| Default Port | Protocol | Traffic direction |
|---|---|---|
| 1433 | TCP | Inbound connection from the ePO server/Agent Handler |
| 1434 | UDP | Inbound connection from the ePO server/Agent Handler |
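
The quick-reference tables above can serve as an allow-list when reviewing firewall logs. The following is an added example, not part of the McAfee article: it encodes the four tables and flags any flow that the source's or the destination's table does not list. The role labels, the sample flows and the merging of agents and SuperAgents into one role are assumptions of the example.

```python
# Added example: audit observed flows against the article's quick-reference tables.
IN, OUT, BOTH = "in", "out", "both"

# role -> {(port, protocol): direction}, transcribed from the quick-reference tables.
# Role keys are labels chosen for this example.
MATRIX = {
    "agent_handler": {(80, "tcp"): BOTH, (389, "tcp"): OUT, (443, "tcp"): IN,
                      (636, "tcp"): OUT, (1433, "tcp"): OUT, (1434, "udp"): OUT,
                      (8081, "tcp"): OUT, (8444, "tcp"): OUT},
    "epo_server": {(80, "tcp"): BOTH, (389, "tcp"): OUT, (443, "tcp"): BOTH,
                   (636, "tcp"): OUT, (1433, "tcp"): OUT, (1434, "udp"): OUT,
                   (8081, "tcp"): OUT, (8443, "tcp"): IN, (8444, "tcp"): IN,
                   (8801, "tcp"): OUT},
    # Assumption: agents and SuperAgents share one role, so 8082/UDP is BOTH.
    "agent": {(80, "tcp"): OUT, (443, "tcp"): OUT, (8081, "tcp"): IN,
              (8082, "udp"): BOTH},
    "sql_server": {(1433, "tcp"): IN, (1434, "udp"): IN},
}

def permits(role, port, proto, want):
    """True if the role's table allows this direction on port/proto.
    Roles the article gives no table for (console, LDAP, McAfee Labs) are unconstrained."""
    table = MATRIX.get(role)
    if table is None:
        return True
    return table.get((port, proto.lower())) in (want, BOTH)

def audit(flows):
    """Return (flow, reason) for every flow that an endpoint's table does not allow."""
    findings = []
    for flow in flows:
        src, dst, port, proto = flow
        if not permits(src, port, proto, OUT):
            findings.append((flow, f"{src} has no outbound {port}/{proto}"))
        elif not permits(dst, port, proto, IN):
            findings.append((flow, f"{dst} has no inbound {port}/{proto}"))
    return findings

# Constructed sample flows: (source role, destination role, port, protocol).
SAMPLE_FLOWS = [
    ("agent", "agent_handler", 443, "tcp"),
    ("epo_server", "agent", 8081, "tcp"),
    ("console", "epo_server", 8443, "tcp"),
    ("agent", "sql_server", 1433, "tcp"),       # endpoint reaching the database
    ("agent", "epo_server", 8443, "tcp"),       # endpoint reaching the console port
    ("epo_server", "sql_server", 1434, "tcp"),  # 1434 is listed as UDP only
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE_FLOWS):
        print(flow, "->", reason)
```

A flow that passes this check is only consistent with the tables; the per-port rows in the longer tables name the specific peers and should be used when writing the actual firewall rules.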
