Configure your firewall and connected products to allow inbound communication to the Service Gateway.
Use the following settings to configure your firewall or open the necessary ports
on your virtual host to allow internal, inbound communication from connected products
and third-party applications to the Service Gateway.
ImportantThese ports are strictly for internal network traffic and the Service Gateway does
not require any external inbound ports to be opened.
|
Listening Port
|
Purpose
|
22
|
Secure Shell (SSH) communication, which allows users to remotely access the Service
Gateway and execute commands
|
80
|
Service enabled queries for on-premises Active Directory servers,
connected Trend Micro products (such as
endpoint agents), Predictive Machine Learning, File Reputation Services, or Third-Party
Integration
Port 80 is opened for HTTP traffic.
|
443
|
Service enabled queries for on-premises Active Directory servers,
connected Trend Micro products (such as endpoint agents), Predictive Machine Learning, File Reputation
Services, or Third-Party Integration
Port 443 is opened for HTTPS traffic.
|
5274
|
Web Reputation Services or Web Inspection Service queries
Port 5274 is opened for HTTP traffic.
|
5275
|
Web Reputation Services or Web Inspection Service queries
Port 5275 is opened for HTTPS traffic.
|
8080
|
Forward Proxy Service listening port for connection
|
8088
|
Zero Trust Secure Access On-Premises Gateway listening port for
connection
|
8089
|
Zero Trust Secure Access On-Premises Gateway user authentication listening port for
connection
|
1344
|
Zero Trust Secure Access On-Premises Gateway ICAP listening port for connection
|
11344
|
Zero Trust Secure Access On-Premises Gateway ICAPS listening port for connection
|
Firewall requirements for Service Gateway virtual appliance outbound traffic differ
depending on your Trend Vision One environment. Refer to Firewall exception requirements for Trend Vision One to ensure you configure the correct "Allow" rules.
NotePort 443 (HTTPS) is the only outbound port required for the Service Gateway exceptions
listed in Firewall exception requirements for Trend Vision One.
|