ESET PROTECT Server can be installed on the same computer as the database, ESET PROTECT Web Console and HTTP Proxy. The diagram below shows the separated installation and the used ports (arrows indicate the network traffic):
The tables below list all possible network communication ports used when ESET PROTECT and its components are installed in your infrastructure. Additional communication occurs via the native operating system processes (for example, NetBIOS over TCP/IP).
|
|
For the proper function of the ESET PROTECT, other applications should not use any of the ports below.
Ensure to configure any firewall(s) within your network to allow communication via the ports listed below.
|
Client (ESET Management Agent) or ESET Bridge (HTTP Proxy) machine
Protocol
|
Port
|
Descriptions
|
TCP
|
2222
|
Communication between ESET Management Agents and ESET PROTECT Server
|
TCP
|
80
|
Connection to the ESET repository
|
MQTT
|
8883, 443
|
ESET Push Notification Service—Wake-Up calls between ESET PROTECT Server and ESET Management Agent, 443 is failover port.
|
TCP
|
3128
|
Communication with ESET Bridge (HTTP Proxy)
|
TCP
|
443
|
Communication with ESET LiveGuard Advanced (Proxy only)
|
ESET Management Agent—ports used for remote deployment to a target computer with Windows OS:
Protocol
|
Port
|
Descriptions
|
TCP
|
139
|
Using the share ADMIN$
|
TCP
|
445
|
Direct access to shared resources using TCP/IP during remote installation (an alternative to TCP 139)
|
UDP
|
137
|
Name resolution during remote install
|
UDP
|
138
|
Browse during remote install
|
|
ESET PROTECT Web Console machine (if not the same as ESET PROTECT Server machine)
ESET PROTECT Server machine
Protocol
|
Port
|
Descriptions
|
TCP
|
2222
|
Communication between ESET Management Agent and ESET PROTECT Server
|
TCP
|
80
|
Connection to the ESET repository
|
MQTT
|
8883
|
ESET Push Notification Service—Wake-Up calls between ESET PROTECT Server and ESET Management Agent
|
TCP
|
2223
|
DNS resolving and MQTT fallback
|
TCP
|
3128
|
Communication with ESET Bridge (HTTP Proxy)
|
TCP
|
1433 (Microsoft SQL)
3306 (MySQL)
|
Connection to an external database (only if the database is on another machine).
|
TCP
|
389
|
LDAP synchronization. Open this port also on your AD controller.
|
UDP
|
88
|
Kerberos tickets (applies only to ESET PROTECT Virtual Appliance)
|
|
Rogue Detection (RD) Sensor
Protocol
|
Port
|
Descriptions
|
TCP
|
22, 139
|
Detection of operating system via SMB (TCP 139) and SSH (TCP 22) protocols.
|
UDP
|
137
|
Computer hostname resolution via NetBIOS.
|
|
ESET PROTECT MDC machine
Protocol
|
Port
|
Descriptions
|
TCP
|
9977
9978
|
Internal communication between Mobile Device Connector and ESET Management Agent
|
TCP
|
9980
|
Mobile device enrollment
|
TCP
|
9981
|
Mobile device communication
|
TCP
|
2195
|
Sending notifications to Apple Push Notification service.
(gateway.push.apple.com)
up to ESMC version 7.2.11.1
|
TCP
|
2196
|
Apple Feedback service
(feedback.push.apple.com)
up to ESMC version 7.2.11.1
|
HTTPS
|
2197
|
•Apple push notification and feedback
(api.push.apple.com)
ESMC version 7.2.11.3 and later
|
TCP
|
2222
|
Communication (replication) between ESET Management Agent, MDC and ESET PROTECT Server
|
TCP
|
1433 (Microsoft SQL)
3306 (MySQL)
|
Connection to an external database (only if the database is on another machine)
|
|
MDM managed device
Protocol
|
Port
|
Descriptions
|
TCP
|
9980
|
Mobile device enrollment
|
TCP
|
9981
|
Mobile device communication
|
TCP
|
5223
|
External communication with Apple Push Notification service (iOS)
|
TCP
|
443
|
•Fallback on Wi-Fi only, when devices cannot reach APNs on port 5223. (iOS)
•Android Device connection to GCM server.
•Connection to the ESET licensing portal.
•ESET LiveGrid® (Android) (Inbound: https://i1.c.eset.com ; Outbound: https://i3.c.eset.com)
•Anonymous statistical information to ESET Research Lab (Android) (https://ts.eset.com)
•Apps categorization installed on the device. Used for Application Control when blocking of some app categories was defined. (Android) (https://play.eset.com)
•To send a support request using the Support Request function (Android) (https://suppreq.eset.eu) |
TCP
|
5228
5229
5230
|
Sending notifications to Google Cloud Messaging (Android)*
Sending notifications to Firebase Cloud Messaging (Android)*
|
TCP
|
80
|
•Modules update (Android) (http://update.eset.com)
•Used only in the Web version. Info about the latest app version update and download of a new version. (Android) (http://go.eset.eu) |
|
* The GCM (Google Cloud Messaging) service is deprecated and was removed as of April 11, 2019. It was replaced by FCM (Firebase Cloud Messaging). MDM v7 replaced the GCM service with the FCM service by this date, at which point you only need to allow communication for the FCM service.
The pre-defined ports 2222, 2223 can be changed if necessary.