Views:
The Deep Security Manager can be instructed to scan a computer for open ports by right-clicking the computer and selecting Actions > Scan for Open ports, or by clicking the Scan for Open Ports button in the Firewall page of the Computer editor window (where the results of the latest scan are displayed).
(Port scans can also be initiated by right-clicking an existing computer on the Manager's Computers page and choosing "Scan for Open Ports". Another way to initiate port scans is to create a Scheduled Task to regularly carry out port scans on a list of computers.)
By default, the range of ports that are scanned is the range known as the "Common Ports", 1-1024, but you can define a different set of ports to scan.
Note
Note
The agent's port number for incoming heartbeat connections from the Manager is always scanned regardless of port range settings. It is the port on the computer to which communications initiated by the Manager are sent. If communication direction is set to "Agent/Appliance Initiated" for a computer (Computer or Policy editor > Settings > General), however, that port number will be closed.
  1. Go to Policies > Common Objects > Lists > Port Lists and click New in the menu bar. The New Port List window will appear.
  2. Type a name and description for the new port list and then define the ports in the Port(s) text box using the accepted formats. (For example, to scan ports 100, 105, and 110 through 120, you would type "100" on the first line "105" on the second, and "110-120" on the third.) Click OK.
  3. Go to Computer or Policy editor > Settings > General and click the "Ports to Scan" menu. Your newly defined Port List will be one of the choices.