Ports needed by ePolicy Orchestrator for communication through a firewall

Technical Articles ID: KB66797
Last Modified: 6/11/2019

Environment

McAfee ePolicy Orchestrator (ePO) 5.x
McAfee Agent - all supported versions

Summary

Recent updates to this article:

Date	Update
March 15, 2019	Removed references to ftp sites because, effective May 31, 2019, the service provider that McAfee uses to host our FTP service will no longer provide FTP capabilities.
November 13, 2018	New entry added to the McAfee Updates table: (80, TCP, Outbound from the McAfee ePO server to s-download.mcafee.com).
June 14, 2018	Minor spelling mistake correction made in the McAfee updates table.

To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.

The following tables display the ports needed by ePO for communication through a firewall.

For this article:

Bidirectional - A connection is initiated from either direction.
Inbound - Connection initiated by a remote system.
Outbound - Connection initiated by the local system.

Port	Default	Description	Traffic direction
Agent-server communication port	80	TCP port that the McAfee ePO server service uses to receive requests from agents.	Inbound connection to the Agent Handler and the McAfee ePO server from the McAfee Agent. Inbound connection to the McAfee ePO server from the Remote Agent Handler.
Agent-server communication secure port Software Manager, Product Compatibility List, and License Manager port	443	TCP port that the McAfee ePO server service uses to receive requests from agents and Remote Agent Handlers. TCP port that the McAfee ePO server's Software Manager uses to connect to McAfee. TCP port that the McAfee ePO server uses to connect to the McAfee software updates server (s-download.mcafee.com), McAfee license server (lc.mcafee.com), and McAfee Product Compatibility List (epo.mcafee.com).	Inbound connection to the Agent Handler and the McAfee ePO server from the McAfee Agent. Inbound connection to the McAfee ePO server from the Remote Agent Handler. Outbound connection from the McAfee ePO server to McAfee servers.
Agent wake-up communication port SuperAgent repository port	8081	TCP port that agents use to receive agent wake-up requests from the McAfee ePO server or Agent Handler. TCP port that the SuperAgents configured as repositories that are used to receive content from the McAfee ePO server during repository replication, and to serve content to client systems.	Inbound connection from the ePO server/Agent Handler to the McAfee Agent. Inbound connection from client systems to SuperAgents configured as repositories.
Agent broadcast communication port	8082	UDP port that the SuperAgents use to forward messages from the ePO server/Agent Handler.	Outbound connection from the SuperAgents to other McAfee Agent.
Console-to-application server communication port	8443	TCP port that the ePO Application Server service uses to allow web browser UI access.	Inbound connection to the McAfee ePO server from the ePO console.
Client-to-server authenticated communication port	8444	TCP Port that the Agent Handler uses to communicate with the McAfee ePO server to get required information (such as LDAP servers).	Outbound connection from Remote Agent Handlers to the McAfee ePO server.
SQL Server TCP port	1433	TCP port used to communicate with the SQL Server. This port is specified or determined automatically during the setup process.	Outbound connection from the ePO server/Agent Handler to the SQL Server.
SQL Server UDP port	1434	UDP port used to request the TCP port that the SQL instance hosting the ePO database is using.	Outbound connection from the ePO server/Agent Handler to the SQL Server.
LDAP server port	389	TCP port used to retrieve LDAP information from Active Directory servers.	Outbound connection from the ePO server/Agent Handler to an LDAP server.
SSL LDAP server port	636	TCP port used to retrieve LDAP information from Active Directory servers.	Outbound connection from the ePO server/Agent Handler to an LDAP server.
SMB Windows domain controller port	445	TCP port used for ePO console logon when authenticating Active Directory users.	Outbound connection from the McAfee ePO server to the domain controller (Active Directory) server.
Syslog server port (optional)	6514	Default port for Syslog using TLS: only required if syslog forwarding is configured	Outbound from the McAfee ePO server / Agent Handlers to registered syslog server.

ePO (Ports/Traffic Quick Reference)

McAfee ePO server

Default port	Protocol	Traffic direction
80	TCP	Inbound connection to the McAfee ePO server
389	TCP	Outbound connection from the McAfee ePO server
443	TCP	Inbound/outbound connection to/from the McAfee ePO server
445	SMB	Outbound connection from the McAfee ePO server
636	TCP	Outbound connection from the McAfee ePO server
1433	TCP	Outbound connection from the McAfee ePO server
1434	UDP	Outbound connection from the McAfee ePO server
8081	TCP	Outbound connection from the McAfee ePO server
8443	TCP	Inbound connection to the McAfee ePO server
8444	TCP	Inbound connection to the McAfee ePO server

Remote Agent Handlers (one or more)

Default port	Protocol	Traffic direction
80	TCP	Inbound/outbound connection to/from the Agent Handler
389	TCP	Outbound connection from the Agent Handler
443	TCP	Inbound/outbound connection to/from the Agent Handler
636	TCP	Outbound connection from the Agent Handler
1433	TCP	Outbound connection from the Agent Handler
1434	UDP	Outbound connection from the Agent Handler
8081	TCP	Outbound connection from the Agent Handler
8443	TCP	Outbound connection from the Agent Handler
8444	TCP	Outbound connection from the Agent Handler

McAfee Agent

Default port	Protocol	Traffic direction
80	TCP	Outbound connection to the ePO server/Agent Handler (MA 4.x only) *
443	TCP	Outbound connection to the ePO server/Agent Handler (MA 4.x and 5.x)
8081	TCP	Inbound connection from the ePO server/Agent Handler. If the agent is a SuperAgent Repository, inbound connection from other McAfee Agent.
8082	UDP	Inbound connection to agents. Inbound/outbound connection from/to SuperAgents.
8083	UDP	RelayServer discovery for version 4.8 agents

^{* Port 80 is used by MA 4.x to connect to ePO/AH as a repository for MA tasks.}

SQL Server

Default port	Protocol	Traffic direction
1433	TCP	Inbound connection from the ePO server/Agent Handler
1434	UDP	Inbound connection from the ePO server/Agent Handler

McAfee Updates

Default port	Protocol	Traffic direction
21	TCP	Effective May 31, 2019, the service provider that McAfee uses to host our FTP service will no longer provide FTP capabilities. For details, see KB91260.
80	TCP	Outbound from the McAfee ePO server to http://update.nai.com
443	TCP	Outbound from the McAfee ePO server to epo.mcafee.com NOTE: These URLs are not accessible in browsers.
80	TCP	Outbound from the McAfee ePO server to s-download.mcafee.com

Agent deployment on Linux uses port 22 (bidirectional). Agent deployment on Windows client uses port 445.

Affected Products

ePolicy Orchestrator 5.9
ePolicy Orchestrator 5.10.x
Getting Started
McAfee Agent 5.0.x
McAfee Agent 4.8 (EOL)

Languages:

This article is available in the following languages:

German
English United States
Spanish Spain
French
Italian
Japanese
Korean
Dutch
Portuguese Brasileiro
Chinese Simplified
Chinese Traditional

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Knowledge Center

Environment

Summary

Affected Products

Languages:

Glossary of Technical Terms

Title

Title

Featured Solutions

Explore Our Portfolio

Security Outcomes

Industries

Products

Featured Solutions

Explore Our Portfolio

MVISION Products

Services & Training

Threat Research

Our Researchers

Threat Landscape Dashboard

Tools

Contact Us

Resources

Downloads

Product Help

Connect with Us

Explore

Our Company

Our Efforts

Other Resources

Careers

Partnerships

Knowledge Center

Environment

Summary

Affected Products

Languages:

Glossary of Technical Terms

Choose your region

Title

Title