Ports Used by the Appliance

The following table shows the ports that are used with Deep Discovery Email Inspector and why they are used.

Table 1. Ports used by Deep Discovery Email Inspector

Port

Protocol

Function

Purpose

22

TCP

Listening

Endpoints connect to Deep Discovery Email Inspector through SSH.

25

TCP

Listening

MTAs and mail servers connect to Deep Discovery Email Inspector through SMTP.

53

TCP/UDP

Outbound

Deep Discovery Email Inspector uses this port for:

  • DNS resolution

  • Sender authentication (SPF, DKIM, DMARC) query

80

TCP

Listening and outbound

Deep Discovery Email Inspector connects to other computers and integrated Trend Micro products and hosted services through this port.

  • Connect to the Customer Licensing Portal to manage the product licenses

  • Query Community File Reputation Services

  • Query Community Domain/IP Reputation Services

  • Query Web Reputation Services through the Smart Protection Network

  • Upload virtual analyzer images to Deep Discovery Email Inspector using the image import tool

  • Communicate with Trend Micro Apex Central if Deep Discovery Email Inspector is registered over HTTP

123

UDP

Outbound

Deep Discovery Email Inspector connects to the NTP server to synchronize time.

161

TCP

Listening

Deep Discovery Email Inspector uses this port to listen for requests from SNMP managers.

162

TCP

Outbound

Deep Discovery Email Inspector connects to SNMP mangers to send SNMP trap messages.

443

TCP

Listening and outbound

Deep Discovery Email Inspector uses this port to:

  • Query Predictive Machine Learning engine

  • Query Web Inspection Service

  • Access the management console with a computer through HTTPS

  • Communicate with Trend Micro Apex Central

  • Connect to the Smart Protection Network and query Web Reputation Services

  • Connect to Trend Micro Threat Connect

  • Send anonymous threat information to Smart Feedback

  • Update components by connecting to the ActiveUpdate server

  • Send product usage information to Trend Micro feedback servers

  • Verify the safety of files through the Certified Safe Software Service

  • Communicate with Deep Discovery Director

  • Share threat intelligence information and exception list with other products

636

TCP

Outbound

Deep Discovery Email Inspector uses this port as the default port to connect to the Microsoft Active Directory server for third-party authentication.

3269

TCP

Outbound

Deep Discovery Email Inspector uses this port as the default port to connect to the Microsoft Active Directory server for LDAP query using Global Catalog.

4459

TCP

Listening and outbound

Endpoints connect to the End-User Quarantine console on Deep Discovery Email Inspector through this port.

5274

TCP

Outbound

Deep Discovery Email Inspector uses this port as the default port to connect to the Smart Protection Server for web reputation services.

User-defined

N/A

Outbound

Deep Discovery Email Inspector uses specified ports to:

  • Send logs to syslog servers

  • Share threat intelligence with integrated products/services

  • Upload detection logs to SFTP servers

  • Communicate with Check Point Open Platform for Security (OPSEC)