gravityzone-communication-ports

The following table provides information on the ports used by the GravityZone components, when the security solution is installed on the premises of your company:

ComponentDirectionPortSource / DestinationDescription
Web ConsoleInbound80 (HTTP)AnyAccess to the Control Center web console, redirect to 443
443 (HTTPS)AnyAccess to the Control Center web console
Outbound27017GravityZone Database ServerAccess to the GravityZone Database
389 (LDAP)Domain ControllerActive Directory integration
636 (LDAPS)
3268Domain Controller Global Catalog
3269
443vShield ManagervShield Manager integration
HypervisorCommunication between GravityZone and Hypervisor
my.bitdefender.comMy Bitdefender account integration
lv2.bitdefender.comLicense validation
7074Update ServerDownloading updates
7075
9440Nutanix Prism ElementNutanix Prism Element integration
Both4369, 5672, 6150GravityZone ApplianceRabbitMQ communication between all the nodes of the GravityZone management cluster
32002 Web ConsoleWeb Console to Web Console communication on distributed roles
Communication ServerInbound8443AnyManagement Traffic – Security Server Agent, Mobile Client management
Outbound27017GravityZone Database ServerAccess to the GravityZone Database
5228, 5229, 5230Firebase Cloud MessagingPush notifications to Android devices
2195, 2196, 5223Apple Push Notification servicePush notifications to iOS devices. For more information, refer to this Apple KB article.
7074Update ServerDownloading updates
7075
Both4369,
5672, 6150
GravityZone ApplianceRabbitMQ communication between all the nodes of the GravityZone management cluster.
8080Windows XP / Windows Server 2003Communication with the GravityZone Appliance for normal and silent deployment
Database ServerInbound27017GravityZone Database ServerAccess to the GravityZone Database
Outbound7074Update ServerDownloading updates
7075
Update ServerInbound7074Update ServerPorts used to allow communication between Control Center and Communication Server.
7075
Outbound80upgrade.bitdefender.comPublishing updates
download.bitdefender.comDownloading updates
443upgrade.bitdefender.comPublishing updates
download.bitdefender.comDownloading updates
nimbus.bitdefender.netAntimalware, antiphishing and content control scanning with Bitdefender Cloud Servers
53*.v1.bdnsrt.orgDNS requests for signature update checks
7074Other local update server (optional)Downloading updates
7075Outside proxy servers (if configured)
download.bitdefender.com
upgrade.bitdefender.com
lv2.bitdefender.com
mybitdefender.com
Handles communication between GravityZone services and the outside world.
Both7077AnyStaging Update Server communication.
All roles of the GravityZone VAOutbound123Network Time Protocol serverTime synchronization between all GravityZone appliances. The NTP service synchronizes by default with ntp.pool.org. The NTP server address can also be changed from Control Center user interface.
Both22GravityZone virtual appliancesInternal communication between GravityZone virtual appliances in the management cluster
Report Builder DatabaseInbound27017Report Builder ProcessorsListening for requests
22SSH ServerShell Access
OutboundN/AN/AN/A
Report Builder ProcessorsInbound6379Communication ServerListening for requests
22SSH ServerShell Access
Outbound27017GravityZone DatabaseAccess to the databases
Both80Web ConsoleAccess to Web Console, redirect HTTP request to port 443; Listening for requests
443Web ConsoleAccess to Web Console; Listening for requests
Sandbox AnalyzerBoth443Sandbox Analyzer PortalAllows communication between the endpoint and the Sandbox Analyzer Portal.
Handles file submission to sandbox-portal.gravityzone.bitdefender.com.
BEST Endpoint SecurityOutbound80submit.bitdefender.comPort used for submitting endpoint dumps in case of crashes.
upgrade.bitdefender.comThe official Bitdefender update server
lv2.bitdefender.comLicense validation
53*.v1.bdnsrt.orgDNS requests for signature update checks
7074Update ServerDownloading updates from Update Server
Endpoint Security/BEST Relay (if available)Downloading installation packages in the deployment phase from Endpoint Security/BEST Relay
Communication messages received from endpoints linked to Endpoint Security/BEST Relay
7076Bitdefender Cloud Servers:
nimbus.bitdefender.net/elam/blob
Encrypted communication messages (when Endpoint Security/BEST Relay is used as a proxy)
8080, 8443Communication ServerLink between Endpoint Security/BEST and Communication Server
Downloading installation packages during deployment  (Setup Downloader)
443Web ServerDownloading installation packages during deployment  (Setup Downloader)
nimbus.bitdefender.netAntimalware, antiphishing and content control scanning with Bitdefender Cloud Servers
7081Security ServerAntimalware scanning with Security Server
7083Security ServerAntimalware scanning with Security Server when using SSL traffic encryption
InboundN/AN/AN/A
BEST Relay/Endpoint SecurityOutbound80submit.bitdefender.comPort used for submitting endpoint dumps in case of crashes.
upgrade.bitdefender.comThe official Bitdefender update server
lv2.bitdefender.comLicense validation
53*.v1.bdnsrt.orgDNS requests for signature update checks
7074Update ServerDownloading updates from Update Server
Endpoint Security/BEST Relay* (if available)Downloading installation packages in the deployment phase from Endpoint Security/BEST Relay
Communication messages received from endpoints linked to Endpoint Security/BEST Relay
7076Bitdefender Cloud Servers:
nimbus.bitdefender.net/elam/blob
Encrypted communication messages received from endpoints linked to Endpoint Security/BEST Relay
7081Security ServerAntimalware scanning with Security Server
7083Security ServerAntimalware scanning with Security Server when using SSL traffic encryption
8080, 8443Communication ServerLink between Endpoint Security/BEST Relay and Communication Server
Downloading installation packages during deployment  (Setup Downloader)
443Web ServerDownloading installation packages during deployment  (Setup Downloader)
nimbus.bitdefender.net/elam/blobEarly Launch Anti-Malware (ELAM) cloud server
nimbus.bitdefender.netAntimalware, antiphishing and content control scanning with Bitdefender Cloud Servers
Inbound7074Endpoint Security, BESTCommunication messages (such as settings and events) received from endpoints linked to Endpoint Security/BEST Relay
7076Endpoint Security, BESTEncrypted communication messages proxied from connected endpoints to Bitdefender Cloud Servers:
nimbus.bitdefender.net/elam/blob
Bitdefender Tools for Virtualized Environments Integrated with vShieldOutbound48651Security ServerAntimalware traffic scanning sent by vShield driver
8443Communication ServerLink between Bitdefender Tools (for Linux) and Communication Server
InboundN/AN/AN/A
Security Server for Virtualized Environments Integrated with vShieldOutbound7074Update ServerDownloading updates from Update Server
8443Communication ServerAntimalware traffic scanning sent by vShield driver
Inbound48652AnyCommunication between the hypervisor and Security Server
Security Server for Virtualized Environments Integrated with NSX-TOutbound7074Update ServerDownloading updates from Update Server
8443Communication ServerAntimalware traffic scanning sent by vShield driver
Inbound48652AnyCommunication between the hypervisor and Security Server
Bitdefender Tools for Virtualized Environments (Multi-Platform)Outbound7081Security ServerAntimalware scanning with Security Server
7083Security ServerAntimalware scanning with Security Server when using SSL traffic encryption
8443Communication ServerCommunication between Bitdefender Tools and Communication Server
Downloading installation packages during deployment
7074Update ServerDownloading updates
443Web ServerDownloading installation packages during deployment (Setup Downloader)
80nimbus.bitdefender.netAntimalware scanning with Bitdefender Cloud Servers
InboundN/AN/AN/A
Security Server for Virtualized Environments (Multi-Platform)Outbound443nimbus.bitdefender.net/katastif/managerAnonymized information regarding violations detected by Bitdefender HVI
nimbus.bitdefender.netPeriodical verification of antimalware detections with Bitdefender Cloud Servers
7074Update ServerDownloading updates from Update Server
8443Communication ServerLink between Security Server and Communication Server
Inbound1344AnyCommunication between NAS devices compliant with ICAP and Security Server
7081AnyAntimalware traffic scanning sent by Bitdefender Tools / BEST
7083AnyAntimalware traffic scanning sent by Bitdefender Tools / BEST over SSL
GravityZone Mobile ClientOutbound8443Communication ServerMobile Client management
443nimbus.bitdefender.netAntimalware and web security scanning with Bitdefender Cloud Servers (Android devices only)
443my.bitdefender.comLicense validation (Android devices only)
InboundN/AN/AN/A

* Since the relay is an update server that needs to listen all the time on a port, Bitdefender provides a mechanism able to automatically open a random port on localhost (127.0.0.1), so that the update server can receive proper configuration details. This mechanism applies when the default port 7074 is used by another application. In this case, the update server tries to open the 7075 port to listen on localhost. If 7075 port is also unavailable, the update server will search for another port that is free (in range of 1025 to 65535) and successfully bind to listen on localhost.

نوشته های مرتبط