TRITON AP-DATA ports
Deployment and Installation Center | TRITON AP-DATA | v8.1.x
The most robust and effective implementation of TRITON AP-DATA depends on certain ports being open to support the mechanics of the software. The ports for TRITON AP-DATA components are 17500-17515 by default. These ports must be left open for all TRITON AP-DATA software and hardware configurations.
If you have a security policy in place, exclude these ports from that policy so that TRITON AP-DATA can operate properly. If you do not, the policy you have in place may disrupt TRITON AP-DATA functionality.
The tables in the rest of this section list the inbound and outbound ports required for each TRITON AP-DATA component. (Note that Data Security manager refers to the user interface service. TRITON management server refers to the management service, MGMDT.)
You can lock down or "harden" your security systems once these ports are open.
Important
TRITON AP-DATA agents and machines with a policy engine, such as a TRITON AP-DATA Server or Websense Content Gateway machine, must have direct connection to the TRITON management server. When deployed in a DMZ or behind a firewall, the relevant ports must be allowed.
Human interface device (administrator client)
Outbound

| To | Port | Purpose |
|---|---|---|
| Data Security manager | 19448 | User interface browsing |
| Data Security manager | 9443 | User interface browsing |
| Data Security manager | 3389 | Remote desktop |
| Protector | 22 | SSH |

Inbound

None
TRITON AP-ENDPOINT DLP client
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON AP-DATA Server | 443* | Connect to endpoint server |
| TRITON AP-DATA Server | 80** | Connect to endpoint server |

* You can choose between secured and unsecured connection. The default is secured (HTTPS, port 443).
** Optional

Inbound

None
TRITON AP-ENDPOINT DLP server
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON management server | 443 | Retrieve fingerprints and natural language processing scripts |
| TRITON management server | 17443 | Incidents |

Inbound

| From | Port | Purpose |
|---|---|---|
| TRITON management server | 443 | Retrieve fingerprints and natural language processing scripts |
| TRITON AP-ENDPOINT DLP Client | 80, 443 | Incidents |
| Supplemental TRITON AP-DATA Server | 17444 | Retrieve fingerprints and natural language processing scripts |
TRITON AP-WEB manager
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON management server | 56992 | Linking Service |

Inbound

| From | Port | Purpose |
|---|---|---|
| Data Security manager, TRITON AP-DATA Server, Protector, Web Content Gateway | 56992 | Linking Service |
Crawler agent (discovery and fingerprinting)
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON management server | 443 | Secure communication |
| TRITON AP-DATA Server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |
| Internet | 443 | Salesforce fingerprinting |

* This range is necessary for load balancing.

Inbound

| From | Port | Purpose |
|---|---|---|
| TRITON management server | 9797* | Crawler listening |

* This is only for the standalone crawler agent.
Exchange server
Outbound

None

Inbound

| From | Port | Purpose |
|---|---|---|
| TRITON AP-DATA Server, Crawler Agent (Discovery and Fingerprinting) | 80 | Exchange discovery |
| TRITON AP-DATA Server, Crawler Agent (Discovery and Fingerprinting) | 443 | Exchange discovery |
File server
Outbound

None

Inbound

| From | Port | Purpose |
|---|---|---|
| Crawler Agent (Discovery and Fingerprinting) | 139 | File sharing access |
| Crawler Agent (Discovery and Fingerprinting) | 445 | File sharing access |
SharePoint server
Outbound

None

Inbound

| From | Port | Purpose |
|---|---|---|
| Crawler Agent (Discovery and Fingerprinting) | 80 | File sharing access |
| Crawler Agent (Discovery and Fingerprinting) | 443 | File sharing access |
Database server
Outbound

| To | Port | Purpose |
|---|---|---|
| Crawler Agent (Discovery and Fingerprinting) | Varies | The port that allows connection to the database (according to database type) |

Inbound

| From | Port | Purpose |
|---|---|---|
| Crawler Agent (Discovery and Fingerprinting) | Varies | The port that allows connection to the database (according to database type) |
TRITON management server
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON AP-DATA Server, Protector, Web Content Gateway, Email Security Gateway | 17500-17515** and 17700-17715*** | Consecutive ports that allow communication with Websense agents and machines. |

Inbound

| From | Port | Purpose |
|---|---|---|
| TRITON AP-ENDPOINT DLP | 80 | Configuration |
| TRITON AP-DATA Server, Protector, Web Content Gateway | 17443* | Incidents |
| TRITON Manager | 17447 | Processing batch jobs such as scheduled tasks |
| TRITON Manager | 17446 | Translating messages into sender/receiver protocols |
| TRITON AP-DATA Server, Protector, Web Content Gateway | 139 | File sharing |
| TRITON AP-DATA Server, Protector, Web Content Gateway | 443 | Secure communication |
| TRITON AP-DATA Server, Protector, Web Content Gateway | 445 | File sharing |
| TRITON AP-DATA Server, Protector, Web Content Gateway | 8453 | User repository |
| TRITON AP-DATA Server, Protector, Web Content Gateway | 8005 | Tomcat server |
| TRITON AP-DATA Server, Protector, Web Content Gateway, Email Security Gateway | 17500-17515** and 17700-17715*** | Consecutive ports that allow communication with Websense agents and machines. |
| TRITON AP-DATA Server, Protector, Web Content Gateway | 9443* | Access user interface |
| TRITON AP-DATA Server, Protector, Web Content Gateway | 19448* | HTTP access to user interface |

* This port should be left open. It is not configurable.
** This range is necessary for load balancing.
*** Used when Web Content Gateway and Email Security Gateway are both installed.
Supplemental TRITON AP-DATA server
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON management server | 17443 | Incidents |
| TRITON management server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |

* This range is necessary for load balancing.

Inbound

| From | Port | Purpose |
|---|---|---|
| TRITON management server | 8892 | Syslog |
| TRITON management server | 139 | File sharing |
| TRITON management server | 445 | File sharing |
| TRITON management server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |

* This range is necessary for load balancing.
Web Content Gateway
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON management server | 80 | Fingerprint sync |
| TRITON management server | 17443 | Syslog, forensics, incidents, mobile status |
| Web protection components | 56992 | Linking Service |
| TRITON AP-DATA Server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |

* This range is necessary for load balancing.

Inbound

None
TRITON AP-EMAIL
The following ports are used on the appliance for outbound connections to TRITON AP-DATA.
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON management server | 17500-17515* and 17700-17715** | Settings deployment, fingerprint repository |
| TRITON management server | 17443 | Syslog, forensics, incidents |
| TRITON management server | 17444 | Used to pull configuration settings |
| TRITON management server | 80 | Fingerprint repository sync |
| TRITON AP-DATA Server | 17500-17515* and 17700-17715** | MGMTD |

* This range is necessary for load balancing.
** Used when Web Content Gateway and Email Security Gateway are both installed.
Protector
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON AP-DATA Server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |
| TRITON management server | 80 | Fingerprint sync |
| TRITON management server | 17443 | Syslog, forensics, incidents, mobile status |
| Next hop MTA | 25** | SMTP |
| TRITON AP-WEB | 56992 | Linking Service |
| Other | UDP 123 | Inbound/outbound NTPD (available on the appliance yet disabled by default) |

* This range is necessary for load balancing.
** Explicit MTA

Inbound

| From | Port | Purpose |
|---|---|---|
| TRITON management server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |
| Anywhere (including Data Security manager) | 22 | SSH access |
| TRITON AP-DATA Server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |
| Explicit MTA | 25** | SMTP |
| Explicit MTA | 10025** | SMTP, mail analysis |

* This range is necessary for load balancing.
** Explicit MTA
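
The check below is an added example, not Forcepoint code: it audits a firewall rule list against the Protector flows in the tables above, flagging a load-balancing range that is only partly open and rules that are wider than the listed peers. The rule tuples, `SAMPLE_RULES` and the function names are constructed for illustration; the flow list assumes a deployment without explicit MTA mode or TRITON AP-WEB, so the SMTP, Linking Service and NTP rows are left out.

```python
# Protector flows transcribed from the tables above (assumed deployment:
# no explicit MTA, no TRITON AP-WEB). Tuple: (direction, peer, first, last).
REQUIRED = [
    ("out", "TRITON AP-DATA Server", 17500, 17515),
    ("out", "TRITON management server", 80, 80),
    ("out", "TRITON management server", 17443, 17443),
    ("in", "TRITON management server", 17500, 17515),
    ("in", "TRITON AP-DATA Server", 17500, 17515),
    ("in", "any", 22, 22),  # the table lists SSH from "Anywhere"
]

# Constructed firewall export in the same tuple shape (not real data).
SAMPLE_RULES = [
    ("out", "TRITON AP-DATA Server", 17500, 17510),  # range cut short
    ("out", "TRITON management server", 80, 80),
    ("out", "TRITON management server", 17443, 17443),
    ("in", "any", 17500, 17515),  # open to every source
    ("in", "any", 22, 22),
]


def ports(lo, hi):
    return set(range(lo, hi + 1))


def allowed(rules, direction, peer):
    """Ports the rules permit for this peer, counting 'any' rules."""
    out = set()
    for d, p, lo, hi in rules:
        if d == direction and p in (peer, "any"):
            out |= ports(lo, hi)
    return out


def audit(rules, required=REQUIRED):
    """Return (blocked, too_wide): required ports that no rule opens, and
    rules that open ports the tables do not list for that exact peer."""
    blocked, too_wide = [], []
    for d, peer, lo, hi in required:
        gap = sorted(ports(lo, hi) - allowed(rules, d, peer))
        if gap:  # the whole consecutive range must be reachable
            blocked.append((d, peer, gap))
    for d, p, lo, hi in rules:
        listed = set()
        for rd, rp, rlo, rhi in required:
            if (rd, rp) == (d, p):
                listed |= ports(rlo, rhi)
        if not ports(lo, hi) <= listed:
            too_wide.append((d, p, lo, hi))
    return blocked, too_wide


if __name__ == "__main__":
    print(audit(SAMPLE_RULES))
```
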
ICAP client
Outbound

| To | Port | Purpose |
|---|---|---|
| Protector | 1344 | Receiving ICAP traffic |

Inbound

None
Mobile agent
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON management server | 17443 | Syslog, forensics, incidents, mobile status |
| TRITON management server | 80 | Fingerprint sync |
| TRITON AP-DATA Server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |
| Microsoft Exchange Server | 80/443 | ActiveSync (user defined using TRITON - Data Security) |
| TRITON AP-WEB | 56992 | Linking Service |
| Other | UDP 123 | Inbound/outbound NTPD (available on the appliance yet disabled by default) |

* This range is necessary for load balancing.

Inbound

| From | Port | Purpose |
|---|---|---|
| TRITON management server | 5820 | Settings deployment |
| Mobile Devices | 80/443 | ActiveSync (user defined using TRITON - Data Security) |
| TRITON management server | 8892 | Management |
| TRITON management server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |
| Anywhere (including the Mobile agent) | 22 | SSH access |
| TRITON AP-DATA Server | 5443 | Release quarantined messages |

* This range is necessary for load balancing.
FCI agent
Outbound

| To | Port | Purpose |
|---|---|---|
| TRITON management server | 443 | Secure communications |
| TRITON management server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |
| TRITON AP-DATA Server | 17500-17515* | Consecutive ports that allow communication with Websense agents and machines. |

* This range is necessary for load balancing.

Inbound

| From | Port | Purpose |
|---|---|---|
| Microsoft FSRM | 5985 | Microsoft File Server Resource Manager (FSRM) |
Copyright 2016 Forcepoint LLC. All rights reserved.