[KB3608] Which ports does ESET Remote Administrator use? (6.x)

0
(0)

Solution

ESET business product no longer supported

This article applies to an ESET product version that is currently in End of Life status and is no longer supported. The content in this article is no longer updated.

For a complete list of supported products and support level definitions, review the ESET End of Life policy for business products.

Upgrade ESET business products.

ESET Security Management Center (ESMC) users

Are you using ESET Security Management Center 7? Read about ports used by ESMC 7.

  • Client (ERA Agent) or Apache HTTP Proxy machine
  • ERA Proxy machine
  • ERA Web Console machine (if not the same as ERA Server machine)
  • ERA Server machine
  • ERA MDC machine
  • MDM managed device
  • ERA Agent – used for remote deployment of ERA Agent to a target computer with Windows OS

The table below lists all possible network communication ports used when ESET Remote Administrator and its components are installed in your environment. Another communication occurs via the native operating system processes (for example, NetBIOS over TCP/IP).

Ports information

  • The pre-defined ports 2222, 2223 can be changed if they are already in use by other applications.
  • All the ports listed below must not be used by other applications.
  • Make sure to configure firewalls within your environment to allow for communication via the ports listed below.

Client (ERA Agent) or Apache HTTP Proxy machine

Protocol Port Description Open connections
TCP 2222 Communication between ERA Agents and ERA Server Inbound and outbound
UDP 1237 Wake-Up Call for IPv4 Inbound
UDP 1238 Wake-Up Call for IPv6 Inbound
TCP 3128 Listen to Apache HTTP Proxy Inbound*
* at the Apache HTTP Proxy machine open the port 3128 inbound and outbound.

ERA Proxy machine

Protocol Port Description Open connections
TCP 2222 Communication between ERA Agents and ERA Server Inbound and outbound

ERA Web Console machine (if not the same as ERA Server machine)

Protocol Port Description Open connections
TCP 2223 Communication between ERA Web Console and ERA Server, used for Assisted installation Inbound and outbound
TCP 443 / 80 Tomcat broadcasting the Web Console. Inbound and outbound

ERA Server machine

Protocol Port Description Open connections
TCP 2222 Communication between ERA Agents and ERA Server Inbound and outbound
UDP 1237 Wake-Up Call for IPv4 Inbound
UDP 1238 Wake-Up Call for IPv6 Inbound
TCP 3128 Listen to Apache HTTP Proxy Inbound*
TCP 1433/3306 Connection to an external database (only if the database is on a another machine). Outbound
TCP 389 LDAP synchronization. Open this port also on your AD controller. Inbound and outbound

* at the Apache HTTP Proxy machine open the port 3128 inbound and outbound.

ERA MDC machine

Protocol Port Description Open connections
TCP 9977 Internal communication between Mobile Device Connector and ERA Agent
TCP 9978 Internal communication between Mobile Device Connector and ERA Agent
TCP 9980 Mobile device enrollment Inbound
TCP 9981 Mobile device communication Inbound
TCP 2195 Sending notifications to Apple Push Notification services

(gateway.push.apple.com)

 Outbound
TCP 2196 Apple Feedback service

(feedback.push.apple.com)

 Outbound
TCP 443
  • Connection to the ESET licensing portal. (edf.eset.com)
  • DEP (mdmenrollment.apple.com)
  • Google push notifications (android.googleapis.com)
 Outbound
TCP 2222 Communication (replication) between ERA Agent, MDC and ERA Server Outbound
TCP 1433 / 3306 Connection to an external database (only if the database is on a another machine). Outbound

MDM managed device

A mobile device managed by ERA needs access to these ports. You can allow them in your company Wi-Fi if you connect your mobile devices there.
Protocol Port Description Open connections
TCP 9980 Mobile device enrollment Outbound
TCP 9981 Mobile device communication Outbound
TCP 5223 External communication with Apple Push Notification services (iOS) Outbound
TCP 443
  • Fallback on Wi-Fi only, when devices can’t reach APNs on port 5223.(iOS)
  • Android Device connection to GCM server.
  • Connection to the ESET licensing portal.
  • LiveGrid (Android) (Inbound: https://i1.c.eset.com ;Outbound:  https://i3.c.eset.com )
  • Anonymous statistical information to ESET`s Threat Lab (Android) (https://ts.eset.com)
  • Apps categorization installed on the device. Used for AppGuard when blocking of some app categories was defined. (Android) (https://play.eset.com)
  • To send a support request using the Support Request function. (Android) (https://suppreq.eset.eu)
 Outbound

Inbound and outbound (LiveGrid and Threat Lab)
TCP 5228, 5229, 5230 Sending notifications to Google Cloud Messaging (Android) Outbound
TCP 80
  • Modules update (Android) (http://update.eset.com)
  • Used only in the Web version. Info about latest app version update and download of a new version. (Android) (http://go.eset.eu)
 Inbound

ERA Agent – used for remote deployment of ERA Agent to a target computer with Windows OS

Protocol Port Description Open connections
TCP 139 Using the share ADMIN$ Inbound and outbound
TCP 445 Direct access to shared resources using TCP/IP during remote installation (an alternative to TCP 139) Inbound and outbound
UDP 137 Name resolution during remote install Inbound and outbound
UDP 138 Browse during remote install Inbound and outbound
Languages
Last Updated: Jul 12, 2021

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

(Visited 39 times, 1 visits today)
Tagged: