Default ports

Default ports

Default ports

Applies to

Websense Web Filter 7.6

Websense Web Security 7.6

Websense Web Security Gateway 7.6

Websense Web Security Gateway Anywhere 7.6

Websense Data Security 7.6

Websense Email Security Gateway 7.6

Websense Email Security Gateway Anywhere 7.6

Overview

This article describes the default port numbers used by Websense products and components. It is important to note that these are default port numbers; some of them may have been changed during installation for your particular deployment.

These default port numbers apply to both Websense-appliance-based and software-based deployments.

Port information in this article is divided into the following sections:

Web Security

Data Security

Email Security Gateway

Data Security

The most robust and effective implementation of Data Security depends on certain ports being open to support the mechanics of the software. The table below lists the ports that need to remain open for all of the Data Security software/hardware configurations.

If you have a security policy in place, exclude these ports from that policy so that Data Security can operate properly. If you do not, the policy you have in place may disrupt Data Security functionality.

You can lock down or "harden" your security systems once these ports are open.

Important

Data Security agents and machines with a policy engine, such as a Data Security Server or Websense Content Gateway machine, must have direct connection to the Data Security Management Server (on the TRITON management server). When deployed in a DMZ or behind a firewall, the relevant ports must be allowed.

Human interface device (Administrator Client)

Outbound

To

Port

Purpose

TRITON - Data Security

19448

UI browsing

TRITON - Data Security

9443

UI browsing

TRITON - Data Security

3389

Remote desktop

Protector

22

SSH

Inbound

(None)

Data Endpoint Client

Outbound

To

Port

Purpose

Data Security Server

443*

Connect to Endpoint Server

Data Security Server

80**

Connect to Endpoint Server

* You can choose between secured and unsecured connections. The default is secured (HTTPS, port 443).

** Optional

Inbound

(None)

Data Endpoint Server

Outbound

To

Port

Purpose

TRITON - Data Security

443

Retrieve fingerprints and natural language processing scripts

TRITON - Data Security

8891

Status

TRITON - Data Security

17443

Incidents

Endpoint Client

80

Inbound

From

Port

Purpose

TRITON - Data Security

443

Retrieve fingerprints and natural language processing scripts

Endpoint Client

80

Incidents

Endpoint Client

17443

Incidents

Supplemental Data Security Server

17444

Retrieve fingerprints and natural language processing scripts

Printer Agent

Outbound

To

Port

Purpose

TRITON - Data Security

443

Secure communications

TRITON - Data Security

8888

Configuration and deployment

TRITON - Data Security

8889

Registration - MGMTD

TRITON - Data Security

18404*

Secure content transport

TRITON - Data Security

17443

Data Security Server

8888

Registration - MGMTD

Data Security Server

18404

Secure content transport

* Necessary for load balancing with TRITON - Data Security.

** This is the default. Other ports can be configured.

Inbound

(None)

ISA Agent

Outbound

To

Port

Purpose

TRITON - Data Security

443

Secure communications

TRITON - Data Security

8888

Configuration and deployment

TRITON - Data Security

8889

Registration - MGMTD

TRITON - Data Security

18404*

Secure content transport

Data Security Server

8888

Registration - MGMTD

Data Security Server

18404

Secure content transport

80

* Necessary for load balancing with TRITON - Data Security.

** This is the default. Other ports can be configured.

Inbound

(None)

SMTP Agent

Outbound

To

Port

Purpose

TRITON - Data Security

8888

Configuration and deployment

TRITON - Data Security

18404

Secure communications

TRITON - Data Security

8889

Registration

Data Security Server

8888

Registration

Data Security Server

18404

Secure content transport

Next hop MTA

25*

SMTP for inbound/outbound traffic

* This is the default. Other ports can be configured.

Inbound

From

Port

Purpose

Previous MTA

25*

SMTP for inbound/outbound traffic

* This is the default. Other ports can be configured.

TRITON - Web Security

Outbound

To

Port

Purpose

TRITON - Data Security

56992

Linking Service

Inbound

From

Port

Purpose

TRITON - Data Security, Data Security Server, Protector, Content Gateway

56992

Linking Service

Discovery and Fingerprint Agent (Crawler)

Outbound

To

Port

Purpose

TRITON - Data Security

8888

Configuration and deployment

TRITON - Data Security

8889

Registration

TRITON - Data Security

443

Secure communication

TRITON - Data Security

5820

Fingerprinting

TRITON - Data Security

9080

Resource resolution

Data Security Server

8888

Registration

Data Security Server

18404

Secure content transport

Data Security Server

9080

Resource resolution

Salesforce server

80 or 8080

Salesforce discovery

Inbound

From

Port

Purpose

TRITON - Data Security

9797

Crawler listening

Exchange Server

Outbound

(None)

Inbound

From

Port

Purpose

Data Security Server - Discovery and Fingerprint Agent

80

Exchange discovery

Data Security Server - Discovery and Fingerprint Agent

443

Exchange discovery

File Server

Outbound

(None)

Inbound

From

Port

Purpose

Discovery and Fingerprint Agent

139

File sharing access

Discovery and Fingerprint Agent

445

File sharing access

Sharepoint Server

Outbound

(None)

Inbound

From

Port

Discovery and Fingerprint Agent

80

Discovery and Fingerprint Agent

443

Database Server

Outbound

To

Port

Purpose

Discovery and Fingerprint Agent

Varies

The port that allows connection to the database (according to database type)

Inbound

From

Port

Purpose

Discovery and Fingerprint Agent

Varies

The port that allows connection to the database (according to database type)

TRITON - Data Security

Outbound

(None)

Inbound

From

Port

Purpose

Data Security Server, Protector, Content Gateway

8888

Registration

Data Security Server, Protector, Content Gateway

17443

Incidents

Data Security Server, Protector, Content Gateway

139

File sharing

Data Security Server, Protector, Content Gateway

443

Secure communication

Data Security Server, Protector, Content Gateway

445

File sharing

Data Security Server, Protector, Content Gateway

5819-5822

Fingerprint repository

Data Security Server, Protector, Content Gateway

8453

User repository

Data Security Server, Protector, Content Gateway

8005

Tomcat server

Data Security Server, Protector, Content Gateway

8889

Registration

Data Security Server, Protector, Content Gateway

18303

Local agents analysis

Data Security Server, Protector, Content Gateway

18404

Analysis

Data Security Server, Protector, Content Gateway

17444

Fingerprint distribution

Data Security Server

Outbound

To

Port

Purpose

TRITON - Data Security

17443

Incidents

TRITON - Data Security

18404

Analysis

Inbound

From

Port

Purpose

TRITON - Data Security

8888

Registration

TRITON - Data Security

8889

TRITON - Data Security

8892

Syslog

TRITON - Data Security

139

File sharing

TRITON - Data Security

445

File sharing

Content Gateway

Outbound

To

Port

Purpose

TRITON - Data Security

80

Fingerprint sync

TRITON - Data Security

5821

Fingerprint sync

TRITON - Data Security

5819

Non-default fingerprint detection

TRITON - Data Security

8443

Registration

TRITON - Data Security

9443

Syslog

TRITON - Data Security

18303

Local agents analysis

TRITON - Data Security

8888

MGMTD

TRITON - Data Security

17444

Retrieve fingerprints and natural language processing scripts

TRITON - Data Security

8889

MGMTD

Websense Web Security

56992

Linking Service

Data Security Server

18404

Analysis

Inbound

(None)

Protector

Outbound

To

Port

Purpose

TRITON - Data Security

8888

Settings deployment

TRITON - Data Security

18303

Local agents analysis

TRITON - Data Security

5819

Non-default fingerprint detection

TRITON - Data Security

5821

Fingerprint sync

TRITON - Data Security

5820

Fingerprint repository

TRITON - Data Security

17443

Syslog, forensics, incidents

TRITON - Data Security

17444

Pull configurations

TRITON - Data Security

80

Fingerprint sync

Data Security Server

8888

Settings deployment

Data Security Server

8889

MGMTD

Data Security Server

8892

MGMTD

Data Security Server

18404

Analysis

Data Security Server

9080

Analysis

Next hop MTA

25*

SMTP

TRITON Unified Security Center

56992

Linking Service

Other

UDP 123

Inbound/

outbound NTPD (available on the appliance yet disabled by default)

* Explicit MTA

Inbound

From

Port

Purpose

TRITON - Data Security

8888

Settings deployment

Anywhere (including TRITON - Data Security)

22

SSH access

Data Security Server

8888

Settings deployment

Explicit MTA

25*

SMTP

Explicit MTA

10025*

SMTP, mail analysis

* Explicit MTA

ICAP client

Outbound

(None)

Inbound

To

Port

Protector

1344

Email Security Gateway

The following ports are used on the Email Security Gateway appliance.

Interface

Port

Direction

Description

C/E1/E2

6643

Inbound

Personal Email Manager load balancing

C/E1/E2

(C recommended)

6671

Inbound

SSL proxy to be accessed by TRITON - Email Security

C/E1/E2

9449

Inbound

Personal Email Manager user interface

E1/E2

8888

Inbound

Email data loss prevention system health and log data

E1/E2

9080

Inbound

Email data loss prevention resource allocation requests

E1/E2

25

Inbound

SMTP

E1/E2

2525

Inbound

Receipt of messages from Data Security for encryption

The following ports are used on the appliance for connections to TRITON - Data Security.

Interface

Port

Direction

Description

E1/E2

25

Outbound

SMTP

E1/E2

8888

Outbound

Fingerprint status

E1/E2

5821

Outbound

Fingerprint repository

E1/E2

17443

Outbound

Registration, syslog, forensics, incidents

E1/E2

17444

Outbound

Fingerprint download

E1/E2

18404

Outbound

Message analysis

The following ports are used by Email Security Gateway for off-appliance system components.

Interface

Port

Direction

Description

E1/E2

9443

Inbound

TRITON - Email Security (via TRITON Unified Security Center)

E1/E2

50800

Outbound

Email Security Log Server

E1/E2

1433

1434

Outbound

Email security log database default instance

E1/E2

443

Outbound

Hybrid service

E1/E2

15868

Outbound

Websense Web Filter

E1/E2

389

636

Outbound

LDAP server

E1/E2

80

Outbound

Database download server

E1/E2

53

Outbound

DNS server

C

162

Outbound

SNMP Trap server

	Important Data Security agents and machines with a policy engine, such as a Data Security Server or Websense Content Gateway machine, must have direct connection to the Data Security Management Server (on the TRITON management server). When deployed in a DMZ or behind a firewall, the relevant ports must be allowed.

To	Port	Purpose
TRITON - Data Security	19448	UI browsing
TRITON - Data Security	9443	UI browsing
TRITON - Data Security	3389	Remote desktop
Protector	22	SSH

To	Port	Purpose
Data Security Server	443*	Connect to Endpoint Server
Data Security Server	80**	Connect to Endpoint Server
* You can choose between secured and unsecured connections. The default is secured (HTTPS, port 443). ** Optional

To	Port	Purpose
TRITON - Data Security	443	Retrieve fingerprints and natural language processing scripts
TRITON - Data Security	8891	Status
TRITON - Data Security	17443	Incidents
Endpoint Client	80

From	Port	Purpose
TRITON - Data Security	443	Retrieve fingerprints and natural language processing scripts
Endpoint Client	80	Incidents
Endpoint Client	17443	Incidents
Supplemental Data Security Server	17444	Retrieve fingerprints and natural language processing scripts

To	Port	Purpose
TRITON - Data Security	443	Secure communications
TRITON - Data Security	8888	Configuration and deployment
TRITON - Data Security	8889	Registration - MGMTD
TRITON - Data Security	18404*	Secure content transport
TRITON - Data Security	17443
Data Security Server	8888	Registration - MGMTD
Data Security Server	18404	Secure content transport
* Necessary for load balancing with TRITON - Data Security. ** This is the default. Other ports can be configured.

To	Port	Purpose
TRITON - Data Security	443	Secure communications
TRITON - Data Security	8888	Configuration and deployment
TRITON - Data Security	8889	Registration - MGMTD
TRITON - Data Security	18404*	Secure content transport
Data Security Server	8888	Registration - MGMTD
Data Security Server	18404	Secure content transport
	80
* Necessary for load balancing with TRITON - Data Security. ** This is the default. Other ports can be configured.

To	Port	Purpose
TRITON - Data Security	8888	Configuration and deployment
TRITON - Data Security	18404	Secure communications
TRITON - Data Security	8889	Registration
Data Security Server	8888	Registration
Data Security Server	18404	Secure content transport
Next hop MTA	25*	SMTP for inbound/outbound traffic

* This is the default. Other ports can be configured.

From	Port	Purpose
Previous MTA	25*	SMTP for inbound/outbound traffic
* This is the default. Other ports can be configured.

To	Port	Purpose
TRITON - Data Security	56992	Linking Service

From	Port	Purpose
TRITON - Data Security, Data Security Server, Protector, Content Gateway	56992	Linking Service

To	Port	Purpose
TRITON - Data Security	8888	Configuration and deployment
TRITON - Data Security	8889	Registration
TRITON - Data Security	443	Secure communication
TRITON - Data Security	5820	Fingerprinting
TRITON - Data Security	9080	Resource resolution
Data Security Server	8888	Registration
Data Security Server	18404	Secure content transport
Data Security Server	9080	Resource resolution
Salesforce server	80 or 8080	Salesforce discovery

From	Port	Purpose
TRITON - Data Security	9797	Crawler listening

From	Port	Purpose
Data Security Server - Discovery and Fingerprint Agent	80	Exchange discovery
Data Security Server - Discovery and Fingerprint Agent	443	Exchange discovery

From	Port	Purpose
Discovery and Fingerprint Agent	139	File sharing access
Discovery and Fingerprint Agent	445	File sharing access

From	Port
Discovery and Fingerprint Agent	80
Discovery and Fingerprint Agent	443

To	Port	Purpose
Discovery and Fingerprint Agent	Varies	The port that allows connection to the database (according to database type)

From	Port	Purpose
Discovery and Fingerprint Agent	Varies	The port that allows connection to the database (according to database type)

From	Port	Purpose
Data Security Server, Protector, Content Gateway	8888	Registration
Data Security Server, Protector, Content Gateway	17443	Incidents
Data Security Server, Protector, Content Gateway	139	File sharing
Data Security Server, Protector, Content Gateway	443	Secure communication
Data Security Server, Protector, Content Gateway	445	File sharing
Data Security Server, Protector, Content Gateway	5819-5822	Fingerprint repository
Data Security Server, Protector, Content Gateway	8453	User repository
Data Security Server, Protector, Content Gateway	8005	Tomcat server
Data Security Server, Protector, Content Gateway	8889	Registration
Data Security Server, Protector, Content Gateway	18303	Local agents analysis
Data Security Server, Protector, Content Gateway	18404	Analysis
Data Security Server, Protector, Content Gateway	17444	Fingerprint distribution

To	Port	Purpose
TRITON - Data Security	17443	Incidents
TRITON - Data Security	18404	Analysis

From	Port	Purpose
TRITON - Data Security	8888	Registration
TRITON - Data Security	8889
TRITON - Data Security	8892	Syslog
TRITON - Data Security	139	File sharing
TRITON - Data Security	445	File sharing

To	Port	Purpose
TRITON - Data Security	80	Fingerprint sync
TRITON - Data Security	5821	Fingerprint sync
TRITON - Data Security	5819	Non-default fingerprint detection
TRITON - Data Security	8443	Registration
TRITON - Data Security	9443	Syslog
TRITON - Data Security	18303	Local agents analysis
TRITON - Data Security	8888	MGMTD
TRITON - Data Security	17444	Retrieve fingerprints and natural language processing scripts
TRITON - Data Security	8889	MGMTD
Websense Web Security	56992	Linking Service
Data Security Server	18404	Analysis

To	Port	Purpose
TRITON - Data Security	8888	Settings deployment
TRITON - Data Security	18303	Local agents analysis
TRITON - Data Security	5819	Non-default fingerprint detection
TRITON - Data Security	5821	Fingerprint sync
TRITON - Data Security	5820	Fingerprint repository
TRITON - Data Security	17443	Syslog, forensics, incidents
TRITON - Data Security	17444	Pull configurations
TRITON - Data Security	80	Fingerprint sync
Data Security Server	8888	Settings deployment
Data Security Server	8889	MGMTD
Data Security Server	8892	MGMTD
Data Security Server	18404	Analysis
Data Security Server	9080	Analysis
Next hop MTA	25*	SMTP
TRITON Unified Security Center	56992	Linking Service
Other	UDP 123	Inbound/ outbound NTPD (available on the appliance yet disabled by default)
* Explicit MTA

From	Port	Purpose
TRITON - Data Security	8888	Settings deployment
Anywhere (including TRITON - Data Security)	22	SSH access
Data Security Server	8888	Settings deployment
Explicit MTA	25*	SMTP
Explicit MTA	10025*	SMTP, mail analysis
* Explicit MTA

To	Port
Protector	1344

Interface	Port	Direction	Description
C/E1/E2	6643	Inbound	Personal Email Manager load balancing
C/E1/E2 (C recommended)	6671	Inbound	SSL proxy to be accessed by TRITON - Email Security
C/E1/E2	9449	Inbound	Personal Email Manager user interface
E1/E2	8888	Inbound	Email data loss prevention system health and log data
E1/E2	9080	Inbound	Email data loss prevention resource allocation requests
E1/E2	25	Inbound	SMTP
E1/E2	2525	Inbound	Receipt of messages from Data Security for encryption

Interface	Port	Direction	Description
E1/E2	25	Outbound	SMTP
E1/E2	8888	Outbound	Fingerprint status
E1/E2	5821	Outbound	Fingerprint repository
E1/E2	17443	Outbound	Registration, syslog, forensics, incidents
E1/E2	17444	Outbound	Fingerprint download
E1/E2	18404	Outbound	Message analysis

Interface	Port	Direction	Description
E1/E2	9443	Inbound	TRITON - Email Security (via TRITON Unified Security Center)
E1/E2	50800	Outbound	Email Security Log Server
E1/E2	1433 1434	Outbound	Email security log database default instance
E1/E2	443	Outbound	Hybrid service
E1/E2	15868	Outbound	Websense Web Filter
E1/E2	389 636	Outbound	LDAP server
E1/E2	80	Outbound	Database download server
E1/E2	53	Outbound	DNS server
C	162	Outbound	SNMP Trap server

Quick Links

Default ports