FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
Andy_G
Staff
Staff
Article Id 198512

Description

Summary of Topic

The Following ports are used by AccelOps to discover devices, pull metrics and process event logs:

 

 Ports  Services Super Worker Collector
UDP/514 UDP syslog x x x
TCP/1470 TCP syslog x x x
UDP/2055 netflow x x x
TCP/22 ssh x x x
TCP/5480 HTTP Registration     x
ICMP   x x x
TCP/21 FTP (Receiving Bluecoat logs via ftp) x x x
TCP/5432 postgresql x    
UDP/111, TCP/111 NFS portmapper x x  
TCP/7900 phMonitor x x  
TCP/7914 phParser x x  
TCP/7916 phQueryWorker x x  
TCP/7918 phQueryMaster x x  
TCP/7920 phDataManager x x  
TCP/7922 phRuleMaster x x  
TCP/7924 phRuleWorker x x  
TCP/7926 phAgentManager x x  
TCP/7928 phDiscover x x  
TCP/7930 phCheckpoint x x  
TCP/7932 phReportWorker x x  
TCP/7934 phReportMaster x x  
TCP/7936 phEventPackager x x  
TCP/7938 phIpIdentityMaster x x  
TCP/7940 phIpIdentityWorker x x  
TCP/110 POP3 x    
TCP/135 WMI x x x
TCP/143 IMAP x    
UDP/161 SNMP x x x
UDP/162 SNMP TRAP x x x
TCP/389 LDAP x x x
TCP/443 HTTPS x x x
TCP/993 IMAP/SSL x    
TCP/995 POP/SSL x    
TCP/1433 JDBC x x x
UDP/8686 JMX x x x
TCP/18184 Checkpoint LEA x x x
TCP/18190 Checkpoint CPMI Port x x x
         
         
         
         
         

Additional Information

(more to come)

Version Application

All

 

 

Contributors