Required Ports, Protocols, and Services

Management Center uses the following ports while operating. Ensure that you allow these ports when setting up
Management Center.

Inbound Connections to Management Center

Service Port Protocol Configurable? Source Description

SSL 8080 TCP No User's client
8082 Management Center web
console.*

SSH 22 TCP No User's client Management Center CLI

SSL 8082 TCP No User's client Management Center API
ProxySG 9009 TCP No ProxySG appliance
ProxySG appliance
Performance Statistics.*

ProxySG 9010 TCP No ProxySG appliance

Monitored assets that
support statistics export—
ProxySG and SSL Visibility
appliances.*

Management 2025 TCP No Alternate Management Used to transmit state and

Center Center appliance in a other pertinent information
Failover failover cluster. between primary and
secondary Management
Center appliances in a
failover pair.

*Ports 8080 and 9009 are disabled by default on new deployments. If you upgrade from version 1.x to version 2.x
and ports 8080 and 9009 were previously enabled in version 1.x (with the security http enable command) they
will remain open after the upgrade to 2.x. security

Outbound Connections from Management Center

Service Port Protocol Configurable? Destination Description

LDAP TCP Yes LDAP server Authentication
LDAPS 10389
389
636

Active 10389 TCP Yes Active Directory Authentication

Directory 389 server
636
RADIUS 1812 UDP/TCP Yes RADIUS server Authentication
RADIUS 1813 UDP/TCP Yes RADIUS server Accounting
SMTP 25 TCP Yes SMTP server SMTP alerts
SNMP Trap 162 UDP Yes Trap receiver SNMP traps
HTTP Proxy 8080 TCP Yes HTTP Proxy Updates
 Service Port Protocol Configurable? Destination Description
NTP 123 UDP/TCP No NTP server list Time sync to customer-
configured NTP time server
HTTPS 443 TCP No Symantec https://support.symantec.com
License activation,
Web Application Protection
(WAP) subscription, the
latest release information and
documentation
DNS 53 UDP/TCP No DNS server FQDN lookups
MA 443 TCP No Malware Health monitoring and
Analysis backup
PacketShaper 80/443 TCP No PacketShaper Health Monitoring
(unencrypted/encrypted)
Reporter 8080/8082 TCP No Reporter Reporter API
(unencrypted/encrypted)
ProxySG 22 TCP No ProxySG ProxySG appliance
appliance monitoring and management
Management 2025 TCP No Alternate Used to transmit state and
Center Management other pertinent information
Center appliance between primary and
in a failover secondary Management
cluster. Center appliances in a
failover pair.
VPM 8082 TCP No ProxySG Visual Policy Manager
appliance
CA 8080/8082 TCP No Content Analysis Health Monitoring
(unencrypted/encrypted)
SSL Visibility 443 TCP No SSL Visibility Health monitoring and
configuration synch

Required IP Addresses and URLs

Ensure connectivity from Management Center to the following URLs.

URL Protocol Port Description

199.19.250.195 HTTPS 443 Web Security Service policy updates.
199.116.168.195 TCP
validation.es.bluecoat.com HTTPS 443 Validates the license every 5 minutes. After
TCP successful validation, validation occurs every
hour.
bto-services.es.bluecoat.com HTTPS 443 Validates the license.
TCP
device-services.es.bluecoat.com HTTPS 443 License related.
TCP
services.es.bluecoat.com HTTPS 443 License related.
TCP
abrca.bluecoat.com HTTPS 443 Symantec CA.
TCP
URL Protocol Port Description
appliance.bluecoat.com HTTPS 443 Trust package downloads.
TCP
subscription.es.bluecoat.com HTTPS 443 Subscription services.
TCP
upload.bluecoat.com HTTPS 443 Upload diagnostic reports to Symantec support.
TCP
sgapi.es.bluecoat.com HTTPS 443 Universal VPM policy.
TCP

Copyright © Symantec Corporation.

Open topic with navigation