The following table describes each component and its function.
| Name | Default Port | Description |
|---|---|---|
| ACL Service | TCP/ 8006 | Manages various permissions and group access for various Dell Security products. NOTE: Port 8006 is not secured. Ensure that this port is properly filtered through a firewall. This port is internal only. |
| Management Console | HTTP(S)/ 8443 | Administration console and control center for the entire enterprise deployment. |
| Core Server | HTTPS/ 8888 | Manages policy flow, licenses, and registration for Preboot Authentication, SED Management, BitLocker Manager, Threat Protection, and Advanced Threat Prevention. Processes inventory data for use by the Management Console. Collects and stores authentication data. Controls role-based access. |
| Device Server | HTTPS/ 8081 | Supports activations and password recovery. A component of the Security Management Server. Required for Encryption Enterprise (Windows and Mac). |
| Security Server | HTTPS/ 8443 | Communicates with Policy Proxy; manages forensic key retrievals, activations of clients, SED-PBA and Full Disk Encryption-PBA communication, and Active Directory for authentication or reconciliation. This includes identity validation for authentication into the Management Console. Requires SQL database access. |
| Compatibility Server | TCP/ 1099 | A service for managing the enterprise architecture. Collects and stores initial inventory data during activation and policy data during migrations. Processes data based on user groups. NOTE: Port 1099 should be filtered through a firewall. Dell Technologies recommends this port be internal only. |
| Message Broker Service | TCP/ 61616 and STOMP/ 61613 | Handles communication between services of the Dell Server. Stages policy information that the Compatibility Server creates for Policy Proxy queuing. Requires SQL database access. NOTE: Port 61616 should be filtered through a firewall. Dell Technologies recommends this port be internal only. NOTE: Only open port 61613 to Security Management Servers configured in Front-End mode. |
| Key Server | TCP/ 8050 | Negotiates, authenticates, and encrypts a client connection using Kerberos APIs. Requires SQL database access to pull the key data. |
| Policy Proxy | TCP/ 8000 | Provides a network-based communication path to deliver security policy updates and inventory updates. |
| PostGres | TCP/ 5432 | Local database used for eventing data. NOTE: Port 5432 should be filtered through a firewall. Dell Technologies recommends this port be internal only. |
| LDAP | TCP/ 389/636 (local domain controller), 3268/3269 (global catalog); TCP/ 135/ 49125+ (RPC) | Port 389 - This port is used for requesting information from the local domain controller. LDAP requests sent to port 389 can be used to search for objects only within the home domain of the global catalog. However, the requesting application can obtain all the attributes for those objects. For example, a request to port 389 could be used to obtain a user's department. Port 3268 - This port is used for queries that are specifically targeted for the global catalog. LDAP requests sent to port 3268 can be used to search for objects in the entire forest. However, only the attributes marked for replication to the global catalog can be returned. For example, a user's department could not be returned using port 3268 since this attribute is not replicated to the global catalog. |
| Microsoft SQL Database | TCP/ 1433 | The default SQL Server port is 1433, and client ports are assigned a random value 1024–5000. |
| Client Authentication | HTTPS/ 8449 | Allows client servers to authenticate with Dell Server. Required for Server Encryption. |
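
The firewall notes in the table can be checked against an exported list of inbound allow rules. The following is an added example, not Dell code: the rule format, the rule names, and the sample addresses are assumptions constructed for illustration, while the port numbers and component names come from the table.

```python
import ipaddress

# Ports the table marks as internal only / to be filtered at the firewall.
INTERNAL_ONLY = {8006: "ACL Service", 1099: "Compatibility Server",
                 61616: "Message Broker Service", 5432: "PostGres"}
# The table allows 61613 only for Front-End mode Security Management Servers.
FRONT_END_ONLY = {61613: "Message Broker Service (STOMP)"}


def _covered(src, allowed):
    """True if every address in src lies inside one of the allowed networks."""
    return any(src.version == a.version and src.subnet_of(a) for a in allowed)


def audit(rules, internal_cidrs, front_end_cidrs):
    """Return (rule name, port, component, reason) per violating allow rule.

    rules: dicts {"name", "src", "ports": (low, high)}; this format is assumed.
    """
    internal = [ipaddress.ip_network(c) for c in internal_cidrs]
    front_end = [ipaddress.ip_network(c) for c in front_end_cidrs]
    checks = [(INTERNAL_ONLY, internal, "source is not internal"),
              (FRONT_END_ONLY, front_end, "source is not a Front-End server")]
    findings = []
    for rule in rules:
        src = ipaddress.ip_network(rule["src"])
        low, high = rule["ports"]
        for ports, allowed, reason in checks:
            for port, component in ports.items():
                if low <= port <= high and not _covered(src, allowed):
                    findings.append((rule["name"], port, component, reason))
    return findings


# Constructed sample data (addresses and rule names are not from the page).
INTERNAL = ["10.0.0.0/8"]
FRONT_END = ["10.20.0.5/32"]
RULES = [
    {"name": "console", "src": "0.0.0.0/0", "ports": (8443, 8443)},
    {"name": "wide-range", "src": "0.0.0.0/0", "ports": (8000, 8100)},
    {"name": "broker-int", "src": "10.1.0.0/16", "ports": (61613, 61616)},
    {"name": "stomp-fe", "src": "10.20.0.5/32", "ports": (61613, 61613)},
    {"name": "pg-dmz", "src": "192.0.2.0/24", "ports": (5432, 5432)},
]

if __name__ == "__main__":
    for finding in audit(RULES, INTERNAL, FRONT_END):
        print("%s: port %d (%s), %s" % finding)
```

The `wide-range` rule shows the case that is easy to miss: a port range opened for Policy Proxy (8000) that also exposes the unsecured ACL Service port 8006.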