Table: Symantec ESM communication ports lists the ports that Symantec ESM uses to communicate between managers and agents.
Table: Symantec ESM communication ports
Symantec ESM also uses the following ports:
Symantec ESM managers use port 5599 for connections that perform remote upgrades of the systems that connect using TCP.
Symantec ESM managers use ports in the range from 1024 to 5000 that TCP dynamically allocates for servers to use when making connections to clients.
The ESM console uses the appropriate manager port number to initiate a connection with a Symantec ESM manager. After the ESM console establishes a connection, it can transmit instructions and receive security data. The ESM console does not require a port number because ESM managers do not initiate connections to the ESM console.
You must configure any firewalls that separate Symantec ESM components to allow the ports in Table: Symantec ESM communication ports, port 5599, and the ports in the range from 1024 to 5000. In some situations, you may have to modify or create a firewall proxy or tunnel to enable Symantec ESM component connections through a firewall.
All TCP applications require the opening of ports 1024 to 5000 as a standard practice. Servers making connections back to clients reserve the ports in this range. You must open these ports in both directions. This practice is secure, as long as the TCP servers do not listen within this port range.
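One way to check the condition in the last sentence (no TCP server listening inside the opened range), given as an added example that is not part of the Symantec documentation. It assumes a Linux host with the iproute2 `ss` utility; the function names and the sample listener lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Symantec code). Assumes a Linux host with iproute2 `ss`.
# The range is the 1024-5000 range that the text says must be opened.
LOW=1024
HIGH=5000

# Read `ss -ltnH`-style lines on stdin and print "port local-address" for
# every TCP listener whose local port falls inside LOW..HIGH.
listeners_in_range() {
    awk -v low="$LOW" -v high="$HIGH" '
        $1 == "LISTEN" {
            addr = $4                     # Local Address:Port column
            n = split(addr, parts, ":")   # port follows the last colon,
            port = parts[n] + 0           # which also handles [::]:port
            if (port >= low && port <= high) print port, addr
        }' | sort -n
}

# Constructed sample in `ss -ltnH` column order:
# State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 50 0.0.0.0:5599 0.0.0.0:*
LISTEN 0 128 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 [::]:4444 [::]:*
LISTEN 0 128 0.0.0.0:5000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:5001 0.0.0.0:*
EOF
}

# Exit status 1 when any listener sits inside the opened range.
audit_listeners() {
    found=$(listeners_in_range)
    [ -z "$found" ] && return 0
    printf 'TCP listeners inside %s-%s:\n%s\n' "$LOW" "$HIGH" "$found"
    return 1
}

# Demonstration on the constructed sample; on a live host run:
#   ss -ltnH | audit_listeners
sample_ss_output | audit_listeners || true
```

Any listener the audit reports is a service that the firewall rule for ports 1024 to 5000 would expose, so it should be moved to another port or covered by a narrower rule.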