Skip to main content

Getting Started Dell Data Security Implementation Services

PDF

Ports

The following table describes each component and its function.


Name	Default Port	Description
ACL Service	TCP/ 8006	Manages various permissions and group access for various Dell Security products. NOTE:Port 8006 is not secured. Ensure that this port is properly filtered through a firewall. This port is internal only.
Management Console	HTTP(S)/ 8443	Administration console and control center for the entire enterprise deployment.
Core Server	HTTPS/ 8888	Manages policy flow, licenses, and registration for Preboot Authentication, SED Management, BitLocker Manager, Threat Protection, and Advanced Threat Prevention. Processes inventory data for use by the Management Console. Collects and stores authentication data. Controls role-based access.
Device Server	HTTPS/ 8081	Supports activations and password recovery. A component of the Security Management Server. Required for Encryption Enterprise (Windows and Mac)
Security Server	HTTPS/ 8443	Communicates with Policy Proxy; manages forensic key retrievals, activations of clients, SED-PBA and Full Disk Encryption-PBA communication, and Active Directory for authentication or reconciliation. This includes identity validation for authentication into the Management Console. Requires SQL database access.
Compatibility Server	TCP/ 1099	A service for managing the enterprise architecture. Collects and stores initial inventory data during activation and policy data during migrations. Processes data based on user groups. NOTE:Port 1099 should be filtered through a firewall. Dell Technologies recommends this port be internal only.
Message Broker Service	TCP/ 61616 and STOMP/ 61613	Handles communication between services of the Dell Server. Stages policy information that the Compatibility Server creates for Policy Proxy queuing. Requires SQL database access. NOTE:Port 61616 should be filtered through a firewall. Dell Technologies recommends this port be internal only. NOTE:Only open port 61613 to Security Management Servers configured in Front-End mode.
Key Server	TCP/ 8050	Negotiates, authenticates, and encrypts a client connection using Kerberos APIs. Requires SQL database access to pull the key data.
Policy Proxy	TCP/ 8000	Provides a network-based communication path to deliver security policy updates and inventory updates.
PostGres	TCP/ 5432	Local database used for eventing data. NOTE:Port 5432 should be filtered through a firewall. Dell Technologies recommends this port be internal only.
LDAP	TCP/ 389/636 (local domain controller), 3268/3269 (global catalog) TCP/ 135/ 49125+ (RPC)	Port 389 - This port is used for requesting information from the local domain controller. LDAP requests sent to port 389 can be used to search for objects only within the home domain of the global catalog. However, the requesting application can obtain all the attributes for those objects. For example, a request to port 389 could be used to obtain a user's department. Port 3268 - This port is used for queries that are specifically targeted for the global catalog. LDAP requests sent to port 3268 can be used to search for objects in the entire forest. However, only the attributes marked for replication to the global catalog can be returned. For example, a user's department could not be returned using port 3268 since this attribute is not replicated to the global catalog.
Microsoft SQL Database	TCP/ 1433	The default SQL Server port is 1433, and client ports are assigned a random value 1024–5000.
Client Authentication	HTTPS/ 8449	Allows client servers to authenticate with Dell Server. Required for Server Encryption.