Default language.

Firewall port summary

This section lists a summary of the port numbers that are used for various devices for communication purposes. Ports that you can customize according to your requirements are listed in bold and italics, for example, 1433 and 1521. For more information, see other references in the Security section. 

Related topics

Network-ports-used-for-discovery-communications


System-communications-and-network-ports


 The following table lists the ports that might be used in scanning (part of a consolidating system) and standalone appliances, and BMC Discovery Outpost.

Port
Number

Port assignment

Direction

Use

Reference

4

Closed Port

Outbound

Base Device Detection

21

FTP

Outbound

Base Device Detection

22

SSH

Inbound

Appliance CLI access

22

SSH

Outbound

UNIX Discovery

23

telnet

Outbound

UNIX Discovery

25

SMTP

Outbound

Email Relay

53

DNS

Outbound

Domain Name Lookup

80

HTTP

Outbound

Base Device Detection

123

NTP

Outbound

Time Synchronization

135

DCE RPC Endpoint Manager.
DCOM Service Control

Outbound


Outbound

Windows Discovery


Appliance backup to Windows server

139

Netbios Session Service

Outbound

Appliance backup to Windows server

161

SNMP

Outbound

SNMP Discovery

389

LDAP

Outbound

LDAP UI User Authentication

443

HTTPS

Inbound (UI > Appliance)

Main UI Secure

443

HTTPS

Inbound  (Outpost  > Appliance)

BMC Discovery Outpost to Appliance communication. The Outpost always initiates the connection to the Appliance and never the reverse.

The appliance never connects to the Outpost. The Outpost connects to the appliance with HTTPS on port 443. Opening Outbound HTTPS Port 443 from Appliance to Outpost is unnecessary.

443

HTTPS

Outbound

Consolidation of inferred data.

443

HTTPS

Outbound

vCenter discovery (Appliance > vCenter)

445

Microsoft Directory Services SMB

Outbound

Appliance backup to Windows server

513

rlogin

Outbound

UNIX Discovery

636

LDAPS

Outbound

LDAPS UI User Authentication

902

vSphere API

Outbound

VMware ESX/ESXi Discovery

1433

MS SQL

Outbound

MS SQL Extended Discovery

1521

Oracle SQL

Outbound

Oracle SQL Extended Discovery

3306

MySQL SQL

Outbound

MySQL SQL Extended Discovery

3940

Discovery for z/OS Agent

Outbound

Mainframe Discovery

4100

Sybase SQL

Outbound

Sybase ASE SQL Extended Discovery

4321

CORBA

Outbound

AD Windows proxy
Windows Discovery

4323

CORBA

Outbound

Credential Windows proxy
Windows Discovery

5985

HTTP

Outbound

PowerShell HTTP

5986

HTTPS

Outbound

PowerShell HTTPS

5988

HTTP

Outbound

WBEM Discovery

5989

HTTPS

Outbound

WBEM Discovery

25032

CORBA

Outbound

Reasoning communication
Scanning appliance. This port is used for consolidation of DDD.

25033

CORBA

Inbound

User authentication and authorization from other Helix products.

ARTCPPORT Value

AR System

Outbound

CMDB Sync
Standalone appliance only. Scanning appliances do not sync to CMDB, this is done from the consolidating appliance.


Additional ports used in clustered systems

The following ports are used in clustered systems, in addition to those used in scanning and standalone machines.

Port
Number

Port assignment

Direction

Use

Reference

25030

CORBA

Inbound
Outbound

Clustering

25031

CORBA

Inbound
Outbound

Datastore

25032

CORBA

Inbound
Outbound

Reasoning communication
and consolidation of DDD.

Consolidation Appliance Ports

The following ports are used in consolidating appliances.

Port Number

Port assignment

Direction

Use

Reference

22

SSH

Inbound

Appliance CLI access

25

SMTP

Outbound

Email Relay

53

DNS

Outbound

Domain Name Lookup

80

HTTP

Inbound

Main UI Standard

123

NTP

Outbound

Time Synchronization

389

LDAP

Outbound

LDAP UI User Authentication

443

HTTPS

Inbound

Main UI Secure

443

HTTPS

Inbound

Consolidation of inferred data.

636

LDAPS

Outbound

LDAPS UI User Authentication

ARTCPPORT Value

AR System

Outbound

CMDB Sync

25032

CORBA

Inbound

Consolidation of DDD.

Windows proxy Ports

Proxy ports

You can also install multiple proxies of each type on a single host. Consequently, you must check the proxy manager to determine which ports the proxies are using. The defaults are the same as previous releases, but installations of additional proxies use incremental ports. You can also use the proxy manager to modify the port that each proxy uses.

Port Number

Port assignment

Direction

Use

Reference

135

DCE RPC Endpoint Manager.
DCOM Service Control

Outbound

Windows Discovery

139

Netbios Session Service

Outbound

Windows Discovery

445

Microsoft Directory Services SMB

Outbound

Windows Discovery

49152-65535

DCOM

Outbound

Windows Discovery

4321

CORBA

Inbound

AD Windows proxy
Windows Discovery

4323

CORBA

Inbound

Credential Windows proxy
Windows Discovery

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*