Overview of Email Security Ports

The following are ports used on the Forcepoint Email Security appliance.

Note: If any of the ports in this document are dropped, blocked, or decrypted (including SSL Decryption or Deep Packet Inspection) by any firewall or intrusion detection/ prevention device, your Email Security environment may not function properly.

Interface	Port	Direction	Description
C/P1/P2	9449	Inbound	Personal Email Manager load balancing, Secure Message Delivery end-user portal
C/P1/P2 (C recommended)	6671	Inbound	SSL proxy to be accessed by Forcepoint Security Manager Email Security module
C/P1/P2	6643	Inbound	Personal Email Manager user interface
P1/P2	17700*	Inbound	Email data loss prevention system health and log data
P1/P2	25	Inbound	SMTP
P1/P2	2525	Inbound	Receipt of messages from data loss prevention function for encryption
The port range 17700–17714 must be open for communications with Forcepoint Email Security.

The following ports are used on the appliance for outbound connections to Forcepoint DLP.

Interface	Port	Direction	Description
C/P1/P2	17500– 17515*	Outbound	Fingerprint status
C/P1/P2	17500– 17515*	Outbound	Fingerprint repository
C/P1/P2	17443	Outbound	Registration, syslog, forensics, incidents
C/P1/P2	17444	Outbound	Fingerprint download
C/P1/P2	17500– 17515*	Outbound	Message analysis
This is the default range. The starting location of the range (17500) is configurable.

The following are ports used by Forcepoint Email Security off-appliance components.

Interface	Port	Direction	Description
C/P1/P2	9443	Inbound	Email Security module of the Forcepoint Security Manager
P1/P2	50800	Inbound	Email Log Server
P1/P2	1433 1434	Outbound	Email Log Database default instance
P1/P2	443	Outbound	Email hybrid service
P1/P2	15868	Outbound	Filtering Service (a web protection component)
P1/P2	56992	Outbound	Linking Service (a web protection component)
P1/P2	389 636	Outbound	LDAP server
P1/P2	53	Outbound	DNS server
C	162	Outbound	SNMP Trap server