Forcepoint Email Security ports
| Applies to: |
|---|
|
The following ports are used on the Forcepoint Email Security appliance.
If you are running Forcepoint Email Security in Azure, you must use the C interface IP address. Ensure that all ports are opened for the C interface.
Note: If any of the ports in this document are dropped, blocked, or decrypted (including SSL Decryption or Deep Packet Inspection) by any firewall or intrusion detection/ prevention device,
your Email Security environment may not function properly.
| Interface | Port | Direction | Description |
|---|---|---|---|
| C/P1/P2 | 9449 | Inbound | Personal Email Manager load balancing, Secure Message Delivery end-user portal |
|
C/P1/P2 (C recommended) |
6671 | Inbound | SSL proxy to be accessed by the Email Security module of the Security Manager |
| C/P1/P2 | 6643 | Inbound | Personal Email Manager user interface |
| P1/P2 | 17700* | Inbound | Email data loss prevention system health and log data |
| P1/P2 | 25 | Inbound | SMTP |
| P1/P2 | 2525 | Inbound | Receipt of messages from data loss prevention function for encryption |
* The port range 17700-17714 must be open for communications with Forcepoint Email Security.
The following ports are used on the appliance for outbound connections to Forcepoint DLP.
| Interface | Port | Direction | Description |
|---|---|---|---|
| C/P1/P2 |
17500- 17515* |
Outbound | Fingerprint status |
| C/P1/P2 |
17500- 17515* |
Outbound | Fingerprint repository |
| C/P1/P2 | 17443 | Outbound | Registration, syslog, forensics, incidents |
| C/P1/P2 | 17444 | Outbound | Fingerprint download |
| C/P1/P2 |
17500- 17515* |
Outbound | Message analysis |
| C/P1/P2 | 80 | Outbound | Fingerprint repository synchronization |
* This is the default range. The starting location of the range (17500) is configurable.
The following ports are used by Forcepoint Email Security off-appliance components.
| Interface | Port | Direction | Description |
|---|---|---|---|
| C/P1/P2 | 9443 | Inbound | Email Security module of the Security Manager |
| P1/P2 | 50800 | Inbound | Email Log Server |
| P1/P2 | 50900 | Inbound | Email Log Server backup alerts port |
| P1/P2 | 1433 1434 |
Outbound | Email Log Database default instance |
| P1/P2 | 443 | Outbound | Email hybrid service |
| P1/P2 | 15868 | Outbound | Filtering Service (a web protection component) |
| P1/P2 | 56992 | Outbound | Linking Service (a web protection component) |
| P1/P2 | 389 636 |
Outbound | LDAP server |
| P1/P2 | 80 | Outbound | Database download server |
| P1/P2 | 53 | Outbound | DNS server |
| C | 162 | Outbound | SNMP Trap server |