Dell Security Management Server Virtual Quick Start and Installation Guide v11.9

PDF

Ports

The following table describes each component and its function.


Name	Default Port	Description
Access Group Service	TCP/ 8006	Manages various permissions and group access for various Dell Security products. NOTE:Port 8006 is not currently secured. Ensure this port is properly filtered through a firewall. This port is internal only.
Management Console	HTTPS/ 8443	Administration console and control center for the entire enterprise deployment.
Core Server	HTTPS/ 8887 (closed)	Manages policy flow, licenses, and registration for Preboot Authentication, SED Management, BitLocker Manager, Threat Protection, and Advanced Threat Prevention. Processes inventory data for use by the Management Console. Collects and stores authentication data. Controls role-based access.
Core Server HA (High Availability)	HTTPS/ 8888	A high-availability service that allows for increased security and performance of HTTPS connections with the Management Console, Preboot Authentication, SED Management, FDE, BitLocker Manager, Threat Protection, and Advanced Threat Prevention.
Security Server	HTTPS/ 8443	Communicates with Policy Proxy; manages forensic key retrievals, activations of clients, and SED-PBA and Full Disk Encryption-PBA communication.
Compatibility Server	TCP/ 1099 (closed)	A service for managing the enterprise architecture. Collects and stores initial inventory data during activation and policy data during migrations. Processes data based on user groups. NOTE:Port 1099 should be filtered through a firewall. Dell suggests this port be internal only.
Message Broker Service	TCP/ 61616 (closed) and STOMP/ 61613 (closed or, if configured for DMZ, 61613 is open)	Handles communication between services of the Dell Server. Stages policy information created by the Compatibility Server for Policy Proxy queuing. NOTE:Port 61616 should be filtered through a firewall. Dell recommends this port be internal only. NOTE:Port 61613 should only be opened to Security Management Servers configured in Front-End mode.
Identity Server	8445 (closed)	Handles domain authentication requests, including authentication for SED Management.
Forensic Server	HTTPS/ 8448	Allows administrators that have appropriate privileges to get encryption keys from the Management Console for use in data unlocks or decryption tasks. Required for Forensic API.
Inventory Server	8887	Processes the inventory queue.
Policy Proxy	TCP/ 8000	Provides a network-based communication path to deliver security policy updates and inventory updates. Required for Encryption Enterprise (Windows and Mac)
PostGres	TCP/ 5432	Local database used for eventing data. NOTE:Port 5432 should be filtered through a firewall. Dell recommends this port be internal only.
LDAP	389/636, 3268/3269 RPC - 135, 49125+	Port 389 - This port is used for requesting information from the local domain controller. LDAP requests sent to port 389 can be used to search for objects only within the global catalog's home domain. However, the requesting application can obtain all of the attributes for those objects. For example, a request to port 389 could be used to obtain a user's department. Port 3268 - This port is used for queries specifically targeted for the global catalog. LDAP requests sent to port 3268 can be used to search for objects in the entire forest. However, only the attributes marked for replication to the global catalog can be returned. For example, a user's department could not be returned using port 3268 since this attribute is not replicated to the global catalog.
Client Authentication	HTTPS/ 8449	Allows client servers to authenticate against Dell Server. Required for Server Encryption