Views:
Deep Discovery Inspector uses various ports for communication, system operations, and security functions.
The following table explains what ports Deep Discovery Inspector uses and why they are used:
Port
Protocol
Function
Purpose
22
TCP
Listening
  • Connect to the preconfiguration console
  • Send logs and data to the Threat Management Services Portal if Deep Discovery Inspector is registered over SSH
25
TCP
Outbound
Deep Discovery Inspector sends notifications and scheduled reports through SMTP.
53
TCP/UDP
Outbound
Deep Discovery Inspector uses this port for DNS resolution.
67
UDP
Outbound
Deep Discovery Inspector sends requests to the DHCP server if IP addresses are assigned dynamically.
68
UDP
Listening
Deep Discovery Inspector receives responses from the DHCP server.
80
TCP
Listening
  • Deep Discovery Inspector connects to other computers and integrated Trend Micro products and hosted services through this port.
  • Share threat intelligence information with other products
Outbound
Deep Discovery Inspector connects to other computers and integrated Trend Micro products and hosted services through this port.
  • Communicate with Trend Micro Apex Central if Deep Discovery Inspector is registered over HTTP
  • Update components by connecting to the ActiveUpdate server
123
UDP
Outbound
Deep Discovery Inspector uses this port to connect to the NTP server to synchronize time.
137
UDP
Outbound
Deep Discovery Inspector uses NetBIOS to resolve IP addresses to host names.
161
UDP
Listening
Deep Discovery Inspector uses this port for SNMP agent listening and protocol translation.
162
UDP
Outbound
Deep Discovery Inspector uses this port to send SNMP trap notifications.
389
TCP/UDP
Outbound
Deep Discovery Inspector uses this port to retrieve user information from LDAP servers.
Important
Important
This is the default port. Configure this port through the management console.
443
TCP
Listening
Access the management console with a computer through HTTPS
Outbound
Important
Important
This is the default port for the following features:
  • Communicate with Deep Discovery Director - On-premises version
  • Communicate with Trend Micro Apex Central
  • Send files to Deep Discovery Analyzer for sandbox analysis
Configure this port through the management console.
  • Communicate with Deep Discovery Director - On-premises version
  • Communicate with Trend Micro Apex Central
  • Communicate with Trend Micro Service Gateway
  • Communicate with Trend Vision One
  • Connect to MITRE ATT&CK™ Tactics and Techniques website
  • Connect to Trend Micro Threat Connect
  • Query Mobile App Reputation Service through Smart Protection Server
  • Query Predictive Machine Learning engine
  • Query the Web Reputation Services blocking reason
  • Register to the mitigation server
  • Scan APK files and send detection information to the Mobile App Reputation Service
  • Send files to Deep Discovery Analyzer for sandbox analysis
  • Send logs and data to the Threat Management Services Portal if Deep Discovery Inspector is using SSL encryption
  • Share anonymous threat information with the Smart Protection Network
  • Share threat intelligence information with Trend Micro TXOne OT Defense Console
  • Verify the safety of files through the Certified Safe Software Service
465
TCP
Outbound
Deep Discovery Inspector sends notifications and scheduled reports through SMTP over TCP with SSL/TLS encryption.
514
UDP
Outbound
Deep Discovery Inspector sends logs to a syslog server over UDP.
Important
Important
  • The port must match the syslog server.
  • This is the default port. Configure this port through the management console.
587
TCP
Outbound
Deep Discovery Inspector sends notifications and scheduled reports through SMTP over TCP with STARTTLS encryption.
601
TCP
Outbound
Deep Discovery Inspector uses this port to send logs to a syslog server.
Note
Note
  • This is the default port. Configure this port through the management console.
  • The port must match the syslog server.
636
UDP
Outbound
Deep Discovery Inspector uses this port to retrieve user information from LDAP servers.
Important
Important
This is the default port. Configure this port through the management console.
3268
TCP
Outbound
Deep Discovery Inspector uses this port to retrieve user information from LDAP servers.
3269
TCP
Outbound
Deep Discovery Inspector uses this port to retrieve user information from LDAP servers.
4343
TCP
Outbound
Communicate with Smart Protection Server
5275
TCP
Outbound
  • Query Web Reputation Services through Smart Protection Server using HTTPS
  • Query Web Reputation Services through Service Gateway Smart Protection Server using HTTPS
6514
TCP
Outbound
Deep Discovery Inspector sends logs to a syslog server over TCP with SSL encryption.
Important
Important
  • The port must match the syslog server.
  • This is the default port. Configure this port through the management console.
8514
UDP
Outbound
Deep Discovery Inspector sends syslog information to Deep Discovery Advisor if Deep Discovery Inspector is integrated with Deep Discovery Advisor.
Important
Important
This is the default port. It can be configured through the management console, and it must match the syslog settings on Deep Discovery Advisor.
8080
TCP
Listening
Deep Discovery Inspector uses this port to share threat intelligence with other products.
Important
Important
This is the default port. Configure this port through the management console.