Ports needed by ePO 4.x and ePO 5.x for communication through a firewall
Technical Articles ID: KB66797
Last Modified: 12/10/2014
Rated:
Last Modified: 12/10/2014
Rated:
Environment
McAfee Agent (MA) 5.x, 4.x
McAfee ePolicy Orchestrator (ePO) 5.x, 4.x
McAfee ePolicy Orchestrator (ePO) 5.x, 4.x
Summary
The following tables display the ports needed by ePO for communication through a firewall.
For the purpose of this article:
- Bi-directional means that a connection can be initiated from either direction.
- Inbound means the connection is initiated by a remote system.
- Outbound means the connection can be initiated by the local system.
ePO 5.x and 4.6.x
| Port | Default | Description | Traffic direction |
| Agent-server communication port | 80 | TCP port that the ePO Server service uses to receive requests from agents. | Inbound connection to the Agent Handler and the ePO server from the McAfee Agent. Inbound connection to the ePO server from the remote Agent Handler. |
| Agent-server communication secure port (4.5 and later agents only) Software Manager |
443 | TCP port that the ePO Server service uses to receive requests from agents and remote Agent Handlers. TCP port that the ePO server's Software Manager uses to connect to McAfee. |
Inbound connection to the Agent Handler and the ePO server from the McAfee Agent. Inbound connection to the ePO server from the remote Agent Handler. |
| Agent wake-up communication port SuperAgent repository port |
8081 | TCP port that agents use to receive agent wake-up requests from the ePO server or Agent Handler. TCP port that the SuperAgents configured as repositories that are used to receive content from the ePO server during repository replication, and to serve content to client machines. |
Inbound connection from the ePO server/Agent Handler to the McAfee Agent. Inbound connection from client machines to SuperAgents configured as repositories. |
| Agent broadcast communication port | 8082 | UDP port that the SuperAgents use to forward messages from the ePO server/Agent Handler. | Outbound connection from the SuperAgents to other McAfee Agents. |
| Console-to-application server communication port | 8443 | TCP port that the ePO Application Server service uses to allow web browser UI access. | Inbound connection to the ePO server from the ePO console. |
| Client-to-server authenticated communication port | 8444 | TCP Port that the Agent Handler uses to communicate with the ePO server to get required information (such as LDAP servers). | Outbound connection from remote Agent Handlers to the ePO server. |
| SQL server TCP port | 1433 | TCP port used to communicate with the SQL server. This port is specified or determined automatically during the setup process. | Outbound connection from the ePO server/Agent Handler to the SQL server. |
| SQL server UDP port | 1434 | UDP port used to request the TCP port that the SQL instance hosting the ePO database is using. | Outbound connection from the ePO server/Agent Handler to the SQL server. |
| LDAP server port | 389 | TCP port used to retrieve LDAP information from Active Directory servers. | Outbound connection from the ePO server/Agent Handler to an LDAP server. |
| SSL LDAP server port | 636 | TCP port used to retrieve LDAP information from Active Directory servers. | Outbound connection from the ePO server/Agent Handler to an LDAP server. |
| SMB Windows domain controller port | 445 | TCP port used for ePO console login when authenticating Active Directory users. | Outbound connection from the ePO server to the domain controller (Active Directory) server. |
ePO (Ports/Traffic Quick Reference)
ePO Server
Default Port Protocol Traffic direction 80 TCP Inbound connection to the ePO server 389 TCP Outbound connection from the ePO server 443 TCP Inbound/outbound connection to/from the ePO server 445 SMB Outbound connection from the ePO server 636 TCP Outbound connection from the ePO server 1433 TCP Outbound connection from the ePO server 1434 UDP Outbound connection from the ePO server 8081 TCP Outbound connection from the ePO server 8443 TCP Inbound connection to the ePO server 8444 TCP Inbound connection to the ePO server
Remote Agent Handler(s)
Default Port Protocol Traffic direction 80 TCP Inbound/outbound connection to/from the Agent Handler 389 TCP Outbound connection from the Agent Handler 443 TCP Inbound/outbound connection to/from the Agent Handler 636 TCP Outbound connection from the Agent Handler 1433 TCP Outbound connection from the Agent Handler 1434 UDP Outbound connection from the Agent Handler 8081 TCP Outbound connection from the Agent Handler 8443 TCP Outbound connection from the Agent Handler 8444 TCP Outbound connection from the Agent Handler
McAfee Agent
Default Port Protocol Traffic direction 80 TCP Outbound connection to the ePO server/Agent Handler 443 TCP Outbound connection to the ePO server/Agent Handler 8081 TCP Inbound connection from the ePO server/Agent Handler. If the agent is a SuperAgent repository, inbound connection from other McAfee Agents. 8082 UDP Inbound connection to Agents. Inbound/outbound connection from/to SuperAgents 8083 UDP Relay server discovery for version 4.8 agents
SQL Server
Default Port Protocol Traffic direction 1433 TCP Inbound connection from the ePO server/Agent Handler 1434 UDP Inbound connection from the ePO server/Agent Handler McAfee Updates
Default Port Protocol Traffic direction 80 TCP Outbound from ePO server to http://update.nai.com 21 TCP Outbound from ePO server to ftp://ftp.nai.com
Affected Products
ePolicy Orchestrator 5.1
ePolicy Orchestrator 5.0 (EOL)
ePolicy Orchestrator 4.6.x
ePolicy Orchestrator 4.5 (EOL)
Getting Started
McAfee Agent 5.0
McAfee Agent 4.8
McAfee Agent 4.6
Languages:
This article is available in the following languages:
GermanEnglish United States
Spanish Spain
French
Italian
Japanese
Korean
Dutch
Portuguese Brasileiro
Chinese Simplified
Chinese Traditional
Beta
Translate
with
Select a desired language below to translate this page.
