Network ports
Applies To: Forefront Client Security
Before installing Client Security server components, you should verify that the appropriate network ports are open on any server firewall. In some cases, firewalls between Client Security servers should be disabled.
Port usage for Client Security server components
The following table lists the network ports and protocols that are used for communicating between Client Security servers and between the distribution server and Microsoft Update. Depending on the type of firewalls you use and the location of those firewalls, you may need to open these ports.
Component | Connection | Topologies | Port (protocols) | Notes |
---|---|---|---|---|
Collection server |
To collection database |
Five-server and six-server |
1433 (TCP and UDP) |
None. |
Management server |
To collection server |
Four-server, five-server, and six-server |
445 (TCP and UDP), 135 (TCP), and DCOM port range |
Using a firewall between these two servers is not supported. The Microsoft Operations Manager (MOM) Administrator and Operator consoles on the management server require a connection to the collection server. |
Management server |
To collection database |
Four-server, five-server, and six-server |
1433 (TCP) and 1434 (UDP) |
None. |
|
To reporting server |
Three-server, four-server, five-server, and six-server |
80 (TCP) or 443 (TCP) |
Port 80 is used for HTTP and port 443 is used for HTTPS. |
|
To collection database |
Three-server, four-server, and six-server |
1433 (TCP) and 1434 (UDP) |
Using a firewall between these two databases is not supported. |
Reporting server |
To collection database |
Four-server, five-server, and six-server |
1433 (TCP) and 1434 (UDP) |
None. |
|
To reporting database |
Three-server, five-server, and six-server |
1433 (TCP) and 1434 (UDP) |
None. |
Distribution server |
To Microsoft Update or upstream Microsoft Windows ServerĀ® Update Services (WSUS) server |
All |
80 (TCP) or 443 (TCP) |
To obtain updates from Microsoft Update, the distribution server uses port 80 for HTTP and port 443 for HTTPS. |
Port usage for Client Security client components
The following table lists the network ports and protocols that are used for communications between Client Security servers and client computers. Depending on the type of firewalls you use and the location of those firewalls, you may need to open these ports.
Note
These ports do not include the ports used for Group Policy, Domain Name System (DNS), and other standard technologies. For a list of ports used by Microsoft server products, see Network Ports Used by Key Microsoft Server Products (https://go.microsoft.com/fwlink/?LinkId=86643).
Computers | Connection | Port (protocols) |
---|---|---|
Client computers |
To collection server |
1270 (TCP and UDP) |
Client computers |
To distribution server |
80 (TCP) or 8530 (TCP) or custom |