Environment
McAfee ePolicy Orchestrator 4.x
McAfee Agent 4.x
McAfee Agent 4.x
For details of all supported operating systems, see
KB51109.Summary
The following tables display the ports needed by ePolicy Orchestrator (ePO) 4.x for communication through a firewall:
McAfee ePolicy Orchestrator 4.0
SQL Server:
| Port | Default | Description | Traffic direction |
| Agent to server communication port | 80 | TCP port opened by the ePO Server service to receive requests from agents. | Inbound/Outbound connection to/from the ePO server. |
| Agent wake-up communication port SuperAgent repository port |
8081 | TCP port opened by agents to receive agent wakeup requests from the ePO server. TCP port opened to replicate repository content to a SuperAgent repository. |
Outbound connection from the ePO server. |
| Agent broadcast communication port | 8082 | UDP port opened by SuperAgents to forward messages from the ePO server. | Outbound connection from the SuperAgents. |
| Console-to-application server communication port | 8443 | HTTPS port opened by the ePO Application Server service to allow web browser UI access. | Inbound connection to the ePO server. |
| Sensor-to-server communication port | 8444 | HTTPS port opened by the ePO Application Server service to receive RSD and Event Parser connections. Also, used by the Agent Handler to talk to the ePO server to get required information (like LDAP servers). | Inbound connection to the ePO server. |
| Security threats communication port | 8801 | HTTP port hosted by McAfee Labs for retrieving security threat feed. Note that this port cannot be changed. | Outbound connection from the ePO server. |
| SQL server TCP port | 1433 | TCP port used to communicate with the SQL server. This port is specified or determined automatically during the setup process. | Outbound connection from the ePO server. |
McAfee ePolicy Orchestrator 4.5
| Port | Default | Description | Traffic direction |
| Agent to server communication port | 80 | TCP port opened by the ePO Server service to receive requests from agents. | Inbound/Outbound connection to/from the ePO server/Agent Handler. |
| Agent communicating over SSL (4.5 and later agents only) | 443 | By default, 4.5 agents should communicate over SSL (443 by default). | Inbound/Outbound connection to/from the ePO server/Agent Handler. |
| Agent wake-up communication port SuperAgent repository port |
8081 | TCP port opened by agents to receive agent wakeup requests from the ePO server. TCP port opened to replicate repository content to a SuperAgent repository. |
Outbound connection from the ePO server/Agent Handler. |
| Agent broadcast communication port | 8082 | UDP port opened by SuperAgents to forward messages from the ePO server/Agent Handler. | Outbound connection from the SuperAgents. |
| Console-to-application server communication port | 8443 | HTTPS port opened by the ePO Application Server service to allow web browser UI access. | Inbound connection to the ePO server. |
| Client-to-server authenticated communication port | 8444 | HTTPS port opened by the ePO Application Server service to receive RSD connections. Also, used by the Agent Handler to talk to the ePO server to get required information (like LDAP servers). | Inbound connection to the ePO server. Outbound connection from remote Agent Handlers. |
| Security threats communication port | 8801 | HTTP port hosted by McAfee Labs for retrieving security threat feed. Note that this port cannot be changed. | Outbound connection from the ePO server. |
| SQL server TCP port | 1433 | TCP port used to communicate with the SQL server. This port is specified or determined automatically during the setup process. | Outbound connection from the ePO server/Agent Handler. |
| SQL server UDP port | 1434 | UDP port used to request the TCP port that the SQL instance hosting the ePO database is using. | Outbound connection from the ePO server/Agent Handler. |
| Default LDAP server port | 389 | LDAP connection to look up computers, users, groups, and Organizational Units for User Based Policies. | Outbound connection from the ePO server/Agent Handler. |
| Default SSL LDAP server port | 636 | User Based Policies use the LDAP connection to look up users, groups, and Organizational Units. | Outbound connection from the ePO server/Agent Handler. |
McAfee ePolicy Orchestrator 4.6
| Port | Default | Description | Traffic direction |
| Agent to server communication port | 80 | TCP port opened by the ePO Server service to receive requests from agents. | Inbound/Outbound connection to/from the ePO server/Agent Handler. |
| Agent communicating over SSL (4.5 and later agents only)
Software Manager |
443 | By default, 4.5 agents should communicate over SSL (443 by default). This port is also used for the remote Agent Handler to communicate with the ePO Master Repository. | Inbound/Outbound connection to/from the ePO server/Agent Handler. |
| Agent wake-up communication port SuperAgent repository port |
8081 | TCP port opened by agents to receive agent wakeup requests from the ePO server. TCP port opened to replicate repository content to a SuperAgent repository. |
Outbound connection from the ePO server/Agent Handler. |
| Agent broadcast communication port | 8082 | UDP port opened by SuperAgents to forward messages from the ePO server/Agent Handler. | Outbound connection from the SuperAgents. |
| Console-to-application server communication port | 8443 | HTTPS port opened by the ePO Application Server service to allow web browser UI access. | Inbound connection to the ePO server. |
| Client-to-server authenticated communication port | 8444 | HTTPS port opened by the ePO Application Server service to receive RSD connections. Also, used by the Agent Handler to talk to the ePO server to get required information (like LDAP servers). | Inbound connection to the ePO server. Outbound connection from remote Agent Handlers. |
| Security threats communication port | 8801 | HTTP port hosted by McAfee Labs for retrieving security threat feed. Note that this port cannot be changed. | Outbound connection from the ePO server. |
| SQL server TCP port | 1433 | TCP port used to communicate with the SQL server. This port is specified or determined automatically during the setup process. | Outbound connection from the ePO server/Agent Handler. |
| SQL server UDP port | 1434 | UDP port used to request the TCP port that the SQL instance hosting the ePO database is using. | Outbound connection from the ePO server/Agent Handler. |
| Default LDAP server port | 389 | LDAP connection to look up computers, users, groups, and Organizational Units for User Based Policies. | Outbound connection from the ePO server/Agent Handler. |
| Default SSL LDAP server port | 636 | User Based Policies use the LDAP connection to look up users, groups, and Organizational Units. | Outbound connection from the ePO server/Agent Handler. |
McAfee ePolicy Orchestrator 4.x (Ports/Traffic Quick Reference)
Agent Handler:
| Default Port | Protocol | Traffic direction |
| 80 | TCP | Inbound/Outbound connection to/from the Agent Handler. |
| 389 | TCP | Outbound connection from the Agent Handler. |
| 443 | TCP | Inbound/Outbound connection to/from the Agent Handler. |
| 636 | TCP | Outbound connection from the Agent Handler. |
| 1433 | TCP | Outbound connection from the Agent Handler. |
| 1434 | UDP | Outbound connection from the Agent Handler. |
| 8081 | TCP | Outbound connection from the Agent Handler. |
| 8444 | TCP | Outbound connection from the Agent Handler. |
ePO Server:
| Default Port | Protocol | Traffic direction |
| 80 | TCP | Inbound/Outbound connection to/from the ePO server. |
| 389 | TCP | Outbound connection from the ePO server. |
| 443 | TCP | Inbound/Outbound connection to/from the ePO server. |
| 636 | TCP | Outbound connection from the ePO server. |
| 1433 | TCP | Outbound connection from the ePO server. |
| 1434 | UDP | Outbound connection from the ePO server. |
| 8081 | TCP | Outbound connection from the ePO server. |
| 8443 | TCP | Inbound connection to the ePO server. |
| 8444 | TCP | Inbound connection to the ePO server. |
| 8801 | TCP | Outbound connection from the ePO server. |
McAfee Agent:
| Default Port | Protocol | Traffic direction |
| 80 | TCP | Inbound/Outbound connection from/to the ePO server/Agent Handler. |
| 443 | TCP | Inbound/Outbound connection from/to the ePO server/Agent Handler. |
| 8081 | TCP | Inbound/Outbound connection from/to the ePO server/Agent Handler. |
| 8082 | UDP | Inbound connection to Agents. Inbound/Outbound connection from/to SuperAgents. |
SQL Server:
| Default Port | Protocol | Traffic direction |
| 1433 | TCP | Inbound connection from the ePO server/Agent Handler. |
| 1434 | UDP | Inbound connection from the ePO server/Agent Handler. |
Related Information
KB55718 – Ports required by ePolicy Orchestrator 3.6.1 for communication through a firewall