Go to the table of contents Go to the previous page Go to the next page
Forcepoint DLP ports
Deployment and Installation Center | Forcepoint DLP | v8.4.x
The most robust and effective implementation of Forcepoint DLP depends on certain ports being open to support the mechanics of the software. The ports for Forcepoint DLP components are 17500-17515 by default. These ports must be left open for all Forcepoint DLP software and hardware configurations.
If you have a security policy in place, exclude these ports from that policy so that Forcepoint DLP can operate properly. If you do not, the policy you have in place may disrupt Forcepoint DLP functionality.
The tables in the rest of this section list the inbound and outbound ports required for each Forcepoint DLP component.
You can lock down or "harden" your security systems once these ports are open.
Data Security module of the Security Manager (administrator client)
Forcepoint DLP Endpoint client
Forcepoint DLP Endpoint server
Web Security module of the Security Manager
Crawler agent (discovery and fingerprinting)
Exchange server
File server
SharePoint server
Database server
Forcepoint management server
Supplemental Forcepoint DLP server
Web Content Gateway
Forcepoint Email Security
The following ports are used on the appliance for outbound connections to Forcepoint DLP.
Cloud agent
ICAP client
Mobile agent
FCI agent
Analytics engine
The following ports must be kept open on the server running the analytics engine:

Go to the table of contents Go to the previous page Go to the next page
Copyright 2017 Forcepoint. All rights reserved.