Go to the table of contents Go to the previous page Go to the next page
Forcepoint DLP ports
Deployment and Installation Center | Forcepoint DLP | v8.5.x
The most robust and effective implementation of Forcepoint DLP depends on certain ports being open to support the mechanics of the software. The ports for Forcepoint DLP components are 17500-17515 by default. These ports must be left open for all Forcepoint DLP software and hardware configurations.
If you have a security policy in place, exclude these ports from that policy so that Forcepoint DLP can operate properly. If you do not, the policy you have in place may disrupt Forcepoint DLP functionality.
The tables in the rest of this section list the inbound and outbound ports required for each Forcepoint DLP component.
You can lock down or "harden" your security systems once these ports are open.
 
Important 
Data Security module of the Security Manager (administrator client)
 
Forcepoint DLP Endpoint client
 
Forcepoint DLP Endpoint server
 
 
Web Security module of the Security Manager
 
 
Crawler agent (discovery and fingerprinting)
 
Exchange server
 
File server
 
SharePoint server
 
Database server
 
Forcepoint management server
 
Supplemental Forcepoint DLP server
 
Web Content Gateway
 
Forcepoint Email Security
The following ports are used on the appliance for outbound connections to Forcepoint DLP.
Protector
 
Cloud agent
 
ICAP client
 
Mobile agent
 
FCI agent
 
Analytics engine
The following ports must be kept open on the server running the analytics engine:

Go to the table of contents Go to the previous page Go to the next page
Copyright 2017 Forcepoint. All rights reserved.