Firewall port summary

This section lists a summary of the port numbers that are used for various devices for communication purposes. Ports that you can customize according to your requirements are listed in bold and italics, for example, 1433 and 1521. For more information, see other references in the Security section.

System-communications-and-network-ports

The following table lists the ports that might be used in scanning (part of a consolidating system) and standalone appliances, and BMC Discovery Outpost.

Port Number	Port assignment	Direction	Use	Reference
4	Closed Port	Outbound	Base Device Detection	Network ports used for discovery communications
21	FTP	Outbound	Base Device Detection	Network ports used for discovery communications
22	SSH	Inbound	Appliance CLI access	System communications
22	SSH	Outbound	UNIX Discovery	Network ports used for discovery communications
23	telnet	Outbound	UNIX Discovery	Network ports used for discovery communications
25	SMTP	Outbound	Email Relay	System communications
53	DNS	Outbound	Domain Name Lookup	System-communications-and-network-ports
80	HTTP	Outbound	Base Device Detection	Network ports used for discovery communications
123	NTP	Outbound	Time Synchronization	System communications
135	DCE RPC Endpoint Manager. DCOM Service Control	Outbound Outbound	Windows Discovery Appliance backup to Windows server	Network ports used for discovery communications System communications
139	Netbios Session Service	Outbound	Appliance backup to Windows server	System communications
161	SNMP	Outbound	SNMP Discovery	Network ports used for discovery communications
389	LDAP	Outbound	LDAP UI User Authentication	System communications
443	HTTPS	Inbound (UI > Appliance)	Main UI Secure	System communications
443	HTTPS	Inbound (Outpost > Appliance)	BMC Discovery Outpost to Appliance communication. Note that the connection is always initiated by the Outpost to the Appliance and never the reverse. The appliance never connects to the Outpost. The Outpost connects to the appliance with HTTPS on port 443. It is not necessary to open Outbound HTTPS Port 443 from Appliance to Outpost.	System communications
443	HTTPS	Outbound	vCenter discovery (Appliance > vCenter)	Network ports used for discovery communications
445	Microsoft Directory Services SMB	Outbound	Appliance backup to Windows server	System communications
513	rlogin	Outbound	UNIX Discovery	Network ports used for discovery communications
636	LDAPS	Outbound	LDAPS UI User Authentication	System communications
902	vSphere API	Outbound	VMware ESX/ESXi Discovery	Network ports used for discovery communications
*1433*	MS SQL	Outbound	MS SQL Extended Discovery	Network ports used for discovery communications
*1521*	Oracle SQL	Outbound	Oracle SQL Extended Discovery
*3306*	MySQL SQL	Outbound	MySQL SQL Extended Discovery
*3940*	Discovery for z/OS Agent	Outbound	Mainframe Discovery	Network ports used for discovery communications
*4100*	Sybase SQL	Outbound	Sybase ASE SQL Extended Discovery	Network ports used for discovery communications
4321	CORBA	Outbound	AD Windows proxy Windows Discovery	Network ports used for discovery communications
4323	CORBA	Outbound	Credential Windows proxy Windows Discovery
5985	HTTP	Outbound	PowerShell HTTP
5986	HTTPS	Outbound	PowerShell HTTPS
5988	HTTP	Outbound	WBEM Discovery
5989	HTTPS	Outbound	WBEM Discovery
25032	CORBA	Outbound	Reasoning communication Scanning appliance. This port is used for consolidation.	System communications
25033	CORBA	Inbound	User authentication and authorization from other Helix products.
*ARTCPPORT Value*	AR System	Outbound	CMDB Sync Standalone appliance only. Scanning appliances do not sync to CMDB, this is done from the consolidating appliance.

Additional ports used in clustered systems

The following ports are used in clustered systems, in addition to those used in scanning and standalone machines.

Port Number	Port assignment	Direction	Use	Reference
25030	CORBA	Inbound Outbound	Clustering	System communications
25031	CORBA	Inbound Outbound	Datastore	System communications
25032	CORBA	Inbound Outbound	Reasoning communication and consolidation.	System communications

Consolidation Appliance Ports

The following ports are used in consolidating appliances.

Port Number	Port assignment	Direction	Use	Reference
22	SSH	Inbound	Appliance CLI access	System communications
25	SMTP	Outbound	Email Relay	System communications
53	DNS	Outbound	Domain Name Lookup	System communications
80	HTTP	Inbound	Main UI Standard	System communications
123	NTP	Outbound	Time Synchronization	System communications
389	LDAP	Outbound	LDAP UI User Authentication	System communications
443	HTTPS	Inbound	Main UI Secure	System communications
636	LDAPS	Outbound	LDAPS UI User Authentication	System communications
*ARTCPPORT Value*	AR System	Outbound	CMDB Sync	System communications
25032	CORBA	Inbound	Consolidation	System communications

Windows proxy Ports

Proxy ports

You can also install multiple proxies of each type on a single host. Consequently, you must check the proxy manager to determine which ports the proxies are using. The defaults are the same as previous releases, but installations of additional proxies use incremental ports. You can also use the proxy manager to modify the port that each proxy uses.

Port Number	Port assignment	Direction	Use	Reference
135	DCE RPC Endpoint Manager. DCOM Service Control	Outbound	Windows Discovery	Network ports used for discovery communications
139	Netbios Session Service	Outbound	Windows Discovery
445	Microsoft Directory Services SMB	Outbound	Windows Discovery
*49152-65535*	DCOM	Outbound	Windows Discovery
4321	CORBA	Inbound	AD Windows proxy Windows Discovery
4323	CORBA	Inbound	Credential Windows proxy Windows Discovery

Firewall port summary

Additional ports used in clustered systems

Consolidation Appliance Ports

Windows proxy Ports

On this page