View UVMSQL Appliance Firewall Settings and Port Requirements
Firewall Settings
- All outgoing ports are allowed.
- Incoming ports are limited to the default Windows rules (includes allowing DCOM), plus the following:
TCP Ports
| Port | Purpose | Target Program/System Resource | Initial Status |
|---|---|---|---|
| 80 | HTTP | System | Enabled |
| 443 | HTTPS | System | Enabled |
| 445 | SMB | System | Disabled |
| 1433 | SQL Server | sqlservr.exe | Enabled |
| 2000 | App Bus | C:\Program Files(x86)\Common Files\eEye Digital Security\Application Bus\eeyeevnt.exe | Disabled |
| 2383 | SQL Analysis Services | msmdsrv.exe | Enabled |
| 3389 | RDP | C:\Windows\System32\svchost.exe | Enabled |
| 4422 | Session Monitoring SSH | C:\Program Files(x86)\eEye Digital Security\Retina CS\pbsmd.exe | Enabled |
| 4489 | Session Monitoring RDP | C:\Program Files(x86)\eEye Digital Security\Retina CS\pbsmd.exe | Enabled |
| 5022 | SQL Server Mirroring | Binn\sqlservr.exe | Enabled |
| 5985 | WinRM (AWS Images Only) | System; Restricted to 10.0.0.0-16 | Enabled |
| 8530 | WSUS HTTP | System | Disabled |
| 8531 | WSUS HTTPS | System | Disabled |
| 10001 | Central Policy v1 | C:\Program Files(x86)\eEye Digital Security\Retina CS\REMCentralPolicyService.exe | Enabled |
| 21690 | App Bus | (C:\Program Files(x86)\Common Files\eEye Digital Security\Application Bus\eeyeevnt.exe | Enabled |
| 21690 | Event Server | C:\Program Files(x86)\Common Files\eEye Digital Security\Event Server\REMEventsSvc.exe | Enabled |
UDP Port
| Port | Purpose | Target Program/System Resource | Initial Status |
|---|---|---|---|
| 4609 | Appliance Discovery | C:\Program Files(x86)\Common Files\eEye Digital Security\Scheduler\eeyeschedulersvc.exe | Enabled |
ICMPv4 Protocol
| Port | Purpose | Target Program/System Resource | Protocol | Initial Status |
|---|---|---|---|---|
| Any | ICMP Type 3, Code 4- Destination Unreachable Fragmentation Needed | Any | ICMPv4 | Enabled |
| Any | ICMP Type 8- Echo | Any | ICMPv4 | Enabled |
