Deep Security Manager 10 has reached end of support. Use the version selector (above) to see more recent versions of the Help Center.
Port numbers, URLs, and IP addresses
Deep Security default port numbers, URLs, IP addresses, and protocols are listed in the sections below. If a port, URL or IP address is configurable, a link is provided to the relevant configuration page.
If your network uses a proxy or load balancer, you can configure Deep Security to use it instead of the default ports and URLs listed on this page. For details, see Proxy settings and Load Balancers.
Deep Security port numbers
Port type | Default port number |
---|---|
Deep Security as a Service and Deep Security Manager listen ports |
Deep Security as a Service listen ports):
Deep Security Manager (on-premise) listen ports:
Deep Security AMI for AWS Marketplace ports:
Deep Security VM for Azure Marketplace listen ports:
|
Deep Security as a Service and Deep Security Manager destination ports |
Deep Security as a Service destination ports:
Deep Security Manager (on-premise), Deep Security AMI for AWS Marketplace, and Deep Security VM for Azure Marketplace destination ports:
* Notes:
|
Deep Security Agent/appliance listen port |
4118 can be closed if you are using agent-initiated communication. By default, agent-initiated communication is used with Deep Security as a Service, so 4118 can be closed. For all other deployment types (on-premise, and so on) bidirectional communication is used by default, so 4118 must be opened. See Agent-Manager communication for details. |
Deep Security Agent/appliance destination ports |
* Notes:
|
Deep Security Relay listen ports |
Relays are mandatory, unless you're using Deep Security as a Service, where they are optional. For details on relays, click here.
4123 should not be listening to connections from other computers, and you don't need to configure it in network firewall policies. But if you have firewall software (such as Windows Firewall or iptables) on the manager's server itself, verify that it does not block this connection to itself. Also verify that other applications do not use the same port (a port conflict). |
Deep Security Relay destination ports |
Relays are mandatory, unless you're using Deep Security as a Service, where they are optional. For details on relays, click here.
|
Deep Security URLs
If you need to restrict the URLs that are allowed in your environment, read this section.
You'll need to make sure your firewall allows traffic to the following: Trend Micro, Deep Security, AWS, and Azure server URLs on port 443 (HTTPS) and port 80 (HTTP).
Source | Destination server or service name | Destination URL |
---|---|---|
Deep Security as a Service, agents, relays | Deep Security as a Service |
In the list above, app.deepsecurity[...] is the Deep Security as a Service URL, agents.deepsecurity[...] and dsmim.deepsecurity[...] are the Deep Security as a Service heartbeat and activation server URLs, and relay.deepsecurity[...] is the URL of the relays hosted by Deep Security as a Service. For details on the heartbeat and activation servers, see Can you describe your SSL implementation and the credential provisioning system between the Agent and Manager?. |
SOAP and REST API clients | Deep Security SOAP and REST APIs |
Deep Security as a Service URLs:
Deep Security Manager (on-premise) URLs:
Deep Security AMI for AWS Marketplace, and Deep Security VM for Azure Marketplace URLs:
|
REST API clients | Deep Security Status Monitoring API |
Deep Security Manager (on-premise) URL:
Deep Security AMI for AWS Marketplace, and Deep Security VM for Azure Marketplace URL:
Deep Security as a Service does not support Status Monitoring. |
Deep Security as a Service, Deep Security Manager, agent/appliance, relay |
Download Center or web server Hosts software. |
|
Deep Security as a Service, Deep Security Manager |
Smart Protection Network - Used for event tagging with Integrity Monitoring. |
|
The agent/appliance |
Smart Protection Network - Used for behavior monitoring. |
|
The agent/appliance |
Smart Protection Network - Used for behavior monitoring and process memory scans. |
|
The agent/appliance |
Smart Protection Network - Smart Feedback |
|
The agent/appliance | Smart Protection Network - Smart Scan Service |
10.0 agents/appliances connect to:
9.6 and 9.5 agents/appliances connect to:
|
The agent/appliance | Smart Protection Network - Web Reputation Service |
10.0 agents/appliances connect to:
9.6 and 9.5 agents/appliances connect to:
|
Deep Security as a Service, Deep Security Manager |
Help and support |
|
Deep Security as a Service, Deep Security Manager |
Licensing and registration servers |
|
Browser on agent computers and the computer used to log in to the manager or Deep Security as a Service | Site Safety |
Optional. There are links to the URLs below within the manager and Deep Security as a Service UI, and on the agent's 'Your administrator has blocked access to this page for your safety' page.
|
The relay, |
Update Server (also called Active Update) Hosts security updates. |
|
Deep Security as a Service, Deep Security Manager |
AWS and Azure URLs Used for
|
AWS URLs
Azure URLs
The management.core.windows.net URL is only required if you used the v1 Azure connector available in Deep Security Manager 9.6 to add an Azure account to the manager. With Deep Security Manager 10.0 and later, a v2 connector is used, and does not require access to this URL. |