Ports used by LANDESK Management Suite - Full List

Version 50

    Verified Product Versions

    LANDESK Management Suite 9.5LANDESK Management Suite 9.6LANDESK Management Suite 2016.x

    Question(s):


    This document will try to address the following questions:

     

    • What ports does LANDESK Management Suite use?
    • What ports need to be opened in my firewall?
    • What port(s) does component X use?
    • Does LANDESK have a ports list?
    • What TCP and UDP Ports must be open on a Linux Agent's Firewall?
    • Do I need to open my firewall to let ICMP ECHO/ECHO REPLY packets pass?
    • Where can I find a network port diagram?

    Answer:


    ICMP

    Quite a few functionalities of LANDESK rely on ping (ICMP ECHO) to probe if the device or server is reachable. Disabling ICMP ECHO within the network might result in losing LANDESK functions, such as bandwidth awareness or usage of preferred server.

    The network port information has been divided into the following sections.

     

     

    Additionally a graphical representation of the data is attached to this article.

     

    Note: It is recommended that all ports for a specific component be opened for backwards compatibility. Failing to open listed ports is not tested.

     

    Core Server

    Port #

    Direction

    Notes

    TCP22    OutboundUDD
    TCP25OutboundUDD
    TCP80Inbound OutboundActivation, Client, Core Sync, Inventory, Patch Manager, Security Suite, Web Console
    TCP139InboundConsole, UNC
    TCP389OutboundLDAP
    TCP443InboundClient, Console, Inventory, SLM, Software Distribution
    TCP445InboundConsole, UNC
    TCP1433OutboundDatabase (MS SQL Server)
    TCP1521OutboundDatabase (Oracle)
    TCP5007InboundInventory
    TCP8092Inbound OutboundCore, Console, AMT MPS Server
    TCP9535OutboundRemote Management
    TCP9590Inbound OutboundConsole, SLM
    TCP9591Inbound OutboundConsole, SLM
    TCP9593OutboundSoftware Distribution
    TCP9594Inbound OutboundSoftware Distribution
    TCP9595Inbound OutboundAgent Discovery
    TCP9971OutboundAgentless AMT Discovery
    TCP9972OutboundAMT Notification
    TCP9982InboundAMT Discovery (VPro)
    TCP12174OutboundRemote Execute
    TCP12175InboundSoftware Distribution (Policy) [version 8.7 & Older]
    TCP12176InboundSoftware Distribution (Policy) [version 8.8 - Current]
    TCP16992Inbound OutboundHTTP AMT Management
    TCP16993Inbound OutboundHTTP AMT Management
    TCP16994Inbound OutboundAMT Hello Packets
    TCP33354OutboundMulticast
    UDP9595Inbound OutboundAgent Discovery
    UDP33354OutboundMulticast
    UDP38293Inbound OutboundAgent Discovery

     

    Linux Agent

    Port #

    Direction

    Notes

    TCP25InboundUDD
    TCP80OutboundPatch Manager, Inventory
    TCP443OutboundClient, Core, Inventory
    TCP5007OutboundInventory
    TCP9535InboundRemote Management
    TCP9593InboundSoftware Distribution
    TCP9594Inbound OutboundSoftware Distribution
    TCP9595Inbound OutboundAgent Discovery
    TCP12174InboundRemote Execute
    UDP67OutboundImaging (PXE Broadcast)
    UDP68InboundImaging (PXE)
    UDP69OutboundImaging (PXE TFTP)
    UDP1759OutboundImaging (PXE MTFTP)
    UDP4011OutboundImaging (PXE Unicast)
    UDP9595Inbound OutboundAgent Discovery

     

     

     

    Mac Agent

    Port #

    Direction

    Notes

    TCP25InboundUDD
    TCP80OutboundPatch Manager, Inventory, Software Distribution
    TCP443OutboundClient, Core, Inventory, Patch Manager, Software Distribution
    TCP4343InboundOutboundHTML 5 Remote Control
    TCP5007OutboundInventory
    TCP9535InboundRemote Management
    TCP9593InboundSoftware Distribution
    TCP9594Inbound OutboundSoftware Distribution
    TCP9595Inbound OutboundAgent Discovery
    TCP12174InboundRemote Execute
    TCP12175OutboundSoftware Distribution (Policy)
    TCP12176OutboundSoftware Distribution (Policy)
    TCP33354Inbound OutboundSoftware Distribution (Peer Download, Multicast)
    UDP9595Inbound OutboundAgent Discovery
    UDP33354OutboundSoftware Distribution (Multicast)
    UDP33355InboundSoftware Distribution (Multicast)

     

     

     

    CSA (Management Gateway)

    Port #

    Direction

    Notes

    TCP22Inbound OutboundSSH Administration
    TCP25OutboundEmail Notification
    TCP80Inbound OutboundActivation, Patching
    TCP443 OutboundInboundAdministration, Client, Core
    TCP444InboundDEP for IOS MDM

     

     

     

    Mobile Device Management Server

    Port #

    Direction

    Notes

    TCP80Inbound Outbound(Core Only)
    TCP443Inbound OutboundEnrollment
    TCP2195OutboundAPNS (Apple)
    TCP2196OutboundAPNS (Apple)
    TCP5223OutboundAPNS (Apple)
    TCP5228OutboundC2DM (Google)
    TCP444OutboundDEP (Apple)

     

     

     

    PXE Rep

    Port #

    Direction

    Notes

    UDP67InboundImaging (PXE Broadcast)
    UDP68OutboundImaging (PXE)
    UDP69InboundImaging (PXE TFTP)
    UDP1758OutboundImaging (PXE MTFTP)
    UDP1759InboundImaging (PXE MTFTP)
    UDP4011InboundImaging (PXE Unicast)

     

     

     

    Remote Console

    Port #

    Direction

    Notes

    TCP80OutboundConsole, Core, HTTP Management
    TCP139OutboundConsole, Core
    TCP443OutboundConsole, Client, Core, SLM
    TCP445OutboundConsole, Core
    TCP8092Inbound OutboundConsole, Core, AMT
    TCP9590Inbound OutboundConsole, Core, SLM
    TCP9591Inbound OutboundConsole, Core, SLM
    TCP9595Inbound OutboundAgent Discovery
    UDP68OutboundImaging (PXE)
    UDP69InboundImaging (PXE TFTP)
    UDP1758OutboundImaging (PXE MTFTP)
    UDP1759InboundImaging (PXE MTFTP)
    UDP4011InboundImaging (PXE Unicast)
    UDP9595Inbound OutboundAgent Discovery
    TCP1433 OutboundDatabase (MS SQL Server)

     

     

     

    Windows Agent

    Port #

    Direction

    Notes

    TCP25InboundUDD
    TCP80OutboundPatch Manager, Security Suite, Software Distribution, Inventory
    TCP137Inbound OutboundNetBIOS (non-domain clients)
    TCP139Inbound OutboundUNC
    TCP443OutboundClient, Core, Inventory, Software Distribution
    TCP445Inbound OutboundUNC
    TCP4343Inbound OutboundHTML5 Remote Control
    TCP5007OutboundInventory
    TCP9535InboundRemote Management
    TCP9593InboundSoftware Distribution
    TCP9594Inbound OutboundSoftware Distribution
    TCP9595Inbound OutboundAgent Discovery
    TCP9971InboundAMT Discovery
    TCP9972InboundAMT Notification
    TCP9982OutboundAMT Discovery/VPro
    TCP12174InboundRemote Execute
    TCP12175OutboundSoftware Distribution (Policy) [ver. 8.7 & Older]
    TCP12176OutboundSoftware Distribution (Policy) [ver. 8.8 - Current]
    TCP16992Inbound OutboundHTTP AMT Management
    TCP16993Inbound OutboundHTTPS AMT Management
    TCP16994Inbound OutboundAMT Hello Packet
    TCP33354Inbound OutboundSoftware Distribution (Peer Download, Multicast)
    UDP67OutboundImaging (PXE Broadcast)
    UDP68InboundImaging (PXE)
    UDP69OutboundImaging (PXE TFTP)
    UDP1758InboundImaging (PXE MTFTP)
    UDP1759OutboundImaging (PXE MTFTP)
    UDP4011OutboundImaging (PXE Unicast)
    UDP9535Inbound OutboundDevice Discovery, XDD
    UDP9595Inbound OutboundAgent Discovery
    UDP33354InboundSoftware Distribution (Multicast)
    UDP33355InboundSoftware Distribution (Multicast)
    UDP38293Inbound OutboundAgent Discovery

     

     

    Rollup Core

    Port #

    Direction

    Notes

    TCP1433Inbound OutboundRollup Core to SQL Servers
    TCP1433Inbound OutboundSQL server to SQL server replication

     

     

    **Note that if you are using Preferred Servers and replicators in your environment, the same ports that are used from the client to the Core and from the Core to the Client are used. As the Preferred Server must be an agent, and as some of the Core's tasks are off-loaded to the Preferred Server, the other clients will talk to it across the same ports they talk to the Core Server on.