Endpoint Security Services and Ports

Endpoint Security operations are implemented by different services on the Endpoint Security Management Server, SmartEndpoint, and Endpoint Security clients.

Important - Make sure that these services and ports are not blocked by Firewall rules. To do so, connect to SmartConsole and SmartEndpoint on the Endpoint Security Management Server.

In SmartConsole, explicit rules are in Security Policies tab > Access Control.

See implied rules in Security Policies tab > Access Control > Actions > Implied Rules

Services used by the client to communicate with the Endpoint Security Management Server:

Client to Server Service	Protocol	Port	Notes
Policy downloads Anti-Virus updates Client package Application Control	HTTP	TCP/80
Endpoint registration New file encryption key retrieval	HTTPS	TCP/443	Used to encrypt messages sent using the Endpoint Security Encrypted Protocol
Synchronization request Heartbeat Log upload	ESP Encrypted	TCP/80	Heartbeat, communicates policy, status and compliance changes.
Full Disk Encryption Recovery Data Upload Media Encryption & Port Protection Key Exchange Full Disk Encryption User Acquisition & User credentials.	ESP Encrypted	TCP/443

SmartEndpoint uses SIC to reach the Endpoint Security Management Server:

Service	Protocol	Port
Check Point Secure Internal Communication	SIC	TCP/18190 - 18193

Before installing Endpoint Security Management Server, make sure these ports are not blocked:

TCP Port	Reserved for:
8080	Communication between Security Management Server and Directory Scanner to Tomcat
8009	Communication between Apache and Tomcat
1080	SOCKS Proxy