-
Title
Detailed directional firewall port information for Defender -
Description
This article provides detailed information in regards to inbound/outbound port requirements for a Defender installation. This may be required for an advanced firewall setup and to achieve the most secure port blocking possible without affecting the Defender application.
-
Resolution
Client web browser to Management Portal
The default port the Management Portal listens on is TCP/8080 (HTTP), this can be altered during installation or via the IIS port bindings after install.
Management Portal to Active Directory
Local ephemeral port on the Management Portal to TCP/389 (LDAP) or TCP/636 (SSL LDAP) on the Domain Controller, and TCP/3268 to Global Catalog.
Management Portal to Defender Security Server
Local ephemeral port on the Management Portal -> File sharing ports TCP 139/445 & UDP 137/138 on the DSS (to retrieve the logs). Further information can be found from Microsoft regarding file sharing ports, e.g.:Internet firewalls can prevent browsing and file sharing
Defender Security Server to Management Portal
Local ephemeral port on the DSS, to TCP/13131 on the Management Portal, for the Defender Log Receiver service.
Defender Security Server to Active Directory
Local ephemeral port on the Management Portal to TCP/389 (LDAP) and/or TCP/636 (SSL LDAP) to the Domain Controller and TCP/3268 to Global Catalog.
RADIUS Client to Defender Security Server
The DSS accepts incoming requests on UDP 1812. This port is configured in the Access Node assigned to the DSS.