- Notes, cautions, and warnings
- Quick Start Guide
- Detailed Installation Guide
- Maintenance
- Troubleshooting
- Post-Installation Configuration
- Management Console Administrator Tasks
- Ports
The following table describes each component and its function.
Name |
Default Port |
Description |
---|---|---|
Access Group Service |
TCP/ 8006 |
Manages various permissions and group access for various Dell Security products. NOTE:Port 8006 is not currently secured. Ensure this port is properly filtered through a firewall. This port is internal only.
|
Management Console |
HTTPS/ 8443 |
Administration console and control center for the entire enterprise deployment. |
Core Server |
HTTPS/ 8887 (closed) |
Manages policy flow, licenses, and registration for Preboot Authentication, SED Management, BitLocker Manager, Threat Protection, and Advanced Threat Prevention. Processes inventory data for use by the Management Console. Collects and stores authentication data. Controls role-based access. |
Core Server HA (High Availability) |
HTTPS/ 8888 |
A high-availability service that allows for increased security and performance of HTTPS connections with the Management Console, Preboot Authentication, SED Management, FDE, BitLocker Manager, Threat Protection, and Advanced Threat Prevention. |
Security Server |
HTTPS/ 8443 |
Communicates with Policy Proxy; manages forensic key retrievals, activations of clients, and SED-PBA and Full Disk Encryption-PBA communication. |
Compatibility Server |
TCP/ 1099 (closed) |
A service for managing the enterprise architecture. Collects and stores initial inventory data during activation and policy data during migrations. Processes data based on user groups. NOTE:Port 1099 should be filtered through a firewall. Dell suggests this port be internal only.
|
Message Broker Service |
TCP/ 61616 (closed) and STOMP/ 61613 (closed or, if configured for DMZ, 61613 is open) |
Handles communication between services of the Dell Server. Stages policy information created by the Compatibility Server for Policy Proxy queuing. NOTE:Port 61616 should be filtered through a firewall. Dell recommends this port be internal only.
NOTE:Port 61613 should only be opened to Security Management Servers configured in Front-End mode.
|
Identity Server |
8445 (closed) |
Handles domain authentication requests, including authentication for SED Management. |
Forensic Server |
HTTPS/ 8448 |
Allows administrators that have appropriate privileges to get encryption keys from the Management Console for use in data unlocks or decryption tasks. Required for Forensic API. |
Inventory Server |
8887 |
Processes the inventory queue. |
Policy Proxy |
TCP/ 8000 |
Provides a network-based communication path to deliver security policy updates and inventory updates. Required for Encryption Enterprise (Windows and Mac) |
PostGres |
TCP/ 5432 |
Local database used for eventing data. NOTE:Port 5432 should be filtered through a firewall. Dell recommends this port be internal only.
|
LDAP |
389/636, 3268/3269 RPC - 135, 49125+ |
Port 389 - This port is used for requesting information from the local domain controller. LDAP requests sent to port 389 can be used to search for objects only within the global catalog's home domain. However, the requesting application can obtain all of the attributes for those objects. For example, a request to port 389 could be used to obtain a user's department. Port 3268 - This port is used for queries specifically targeted for the global catalog. LDAP requests sent to port 3268 can be used to search for objects in the entire forest. However, only the attributes marked for replication to the global catalog can be returned. For example, a user's department could not be returned using port 3268 since this attribute is not replicated to the global catalog. |
Client Authentication |
HTTPS/ 8449 |
Allows client servers to authenticate against Dell Server. Required for Server Encryption |