Ports Used by Deep Discovery Director (Internal Network Analytics Version)

Views:

The following section shows the ports that are used with Deep Discovery Director (Internal Network Analytics Version) and why they are used.

Table 1. Ports used by Deep Discovery Director (Internal Network Analytics Version)
Port	Protocol	Function	Purpose
22	TCP	Listening and outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to: Connect to the preconfiguration console Download Virtual Analyzer images from an SFTP server Back up configuration settings and data to an SFTP server
25	TCP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to send alert notifications through SMTP.
53	TCP/UDP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port for DNS resolution.
80	TCP	Outbound	Deep Discovery Director (Internal Network Analytics Version) connects to other computers and integrated Trend Micro products and hosted services through this port. In particular,Deep Discovery Director (Internal Network Analytics Version) uses this port to: Connect to the Customer Licensing Portal Connect to a proxy server Connect to the Email Encryption service
123	UDP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to connect to the NTP server to synchronize time.
139	TCP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to download Virtual Analyzer images from a network folder.
161	UDP	Listening	Deep Discovery Director (Internal Network Analytics Version) uses this port for SNMP agent listening and protocol translation.
162	UDP	Listening and Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port: For SNMP agent listening and protocol translation To send SNMP trap notifications
443	TCP	Listening and outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to: Access the management console with a computer through HTTPS Listen to TAXII 1.x and 2.0 client requests Listen to integrating product or service requests for threat intelligence data Listen to auxiliary product or service requests for threat intelligence data Communicate with auxiliary products or services for threat intelligence sharing Communicate with Deep Discovery appliances Communicate with Deep Discovery Director - Network Analytics as a Service Communicate with the ActiveUpdate server Communicate with Trend Micro Apex Central Communicate with Trend Micro Vision One
445	TCP/UDP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to download Virtual Analyzer images from a network folder.
601	TCP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to send logs to a syslog server.
636	TCP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to retrieve user information from LDAP servers.
4459	TCP	Listening	Deep Discovery Director (Internal Network Analytics Version) uses this port to access the End-User Quarantine console with a computer over HTTPS.
6514	TCP	Listening and Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to send logs to a syslog server over TCP with SSL encryption.
8080	TCP	Listening	Deep Discovery Director (Internal Network Analytics Version) uses this port to share threat intelligence with other products.
8883	TCP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to distribute threat intelligence data to OpenDXL clients, services, and brokers.
18183	TCP	Outbound	Deep Discovery Director (Internal Network Analytics Version) uses this port to distribute threat intelligence data to Check Point Open Platform for Security.