Network ports used by Kaspersky Security for Virtualization 4.0 Light Agent

 

 

Kaspersky Security for Virtualization 4.0 | Light Agent

 
 
 

Network ports used by Kaspersky Security for Virtualization 4.0 Light Agent

Back to "Installation and Removal"
2017 Mar 29 ID: 13492
 
 
 
 

For the installation and correct functioning of Kaspersky Security for Virtualization 4.0 Light Agent, configure network hardware or software used for traffic control between the virtual machines to allow network traffic pass through the following ports:

Port and protocolDirectionPurpose and description
80 TCP
443 TCP
From the deployment and configuration wizard of Kaspersky Security Center to the VMware vCenter server.For deploying the SVM on the VMware ESXi hypervisor through the VMware vCenter server.
135 TCP / UDP
445 TCP / UDP
From the deployment and configuration wizard of Kaspersky Security Center to the Microsoft Windows Server (Hyper-V) hypervisor.To deploy the SVM on a Microsoft Windows Server (Hyper-V) hypervisor.
80 TCP
443 TCP
From the deployment and configuration wizard of Kaspersky Security Center ro the Citrix XenServer hypervisor.For deploying the SVM on the Citrix XenServer hypervisor.
22 TCPFrom the deployment and configuration wizard of Kaspersky Security Center to the KVM hypervisor.For deploying the SVM on the KVM hypervisor.
22 TCPFrom the deployment and configuration wizard of Kaspersky Security Center to the SVM.For changing the SVM configuration.
80 TCP
443 TCP
From the SVM to the VMware vCenter server.For interaction between the SVM and the VMware ESXi hypervisor through the VMware vCenter server.
135 TCP / UDP
445 TCP / UDP
5985 TCP
5986 TCP
From the SVM to the Microsoft Windows Server (Hyper-V) hypervisor.To enable interaction between the SVM and the Microsoft Windows Server (Hyper-V) hypervisor.
22 TCP
80 TCP
443 TCP
From the SVM to the Citrix XenServer hypervisor.For interaction between the SVM and the Citrix XenServer hypervisor.
22 TCPFrom the SVM to the KVM hypervisor.For interaction between the SVM and the KVM hypervisor.
9876 UDPFrom the Light Agent to the Multicast group.To send the information about all available SVMs on all hypervisors of the virtual infrastructure through multicast.
9876 UDPFrom the SVM to the Multicast group or the Light Agent.To send the information about available SVMs to the Light Agents through multicast or using the list of SVM addresses.
7271 TCPFrom the SVM to the Integration Server.For interaction between the SVM and the Integration Server.
7271 TCPFrom the Light Agent to the Integration Server.For interaction between the Light Agent and the Integration Server.
8000 UDPFrom the Light Agent to the SVM.To provide the Light Agent with information on the SVM status (Unicast).
11111 TCPFrom the Light Agent to the SVM.To transfer service requests (e.g., requests for license information) from the Light Agent to the SVM.
9876 TCPFrom the Light Agent to the SVM.To send request for scanning files from the Light Agent to the SVM.
80 TCPFrom the Light Agent to the SVM.To update databases and application modules on the Light Agent.
15000 UDPFrom Kaspersky Security Center to the SVM.To manage the application via Kaspersky Security Center on the SVM.
15000 UDPFrom Kaspersky Security Center to Light Agents.To manage the application via Kaspersky Security Center on the Light Agents.
13000 TCPFrom the SVM to Kaspersky Security Center.To manage the application via Kaspersky Security Center on the SVM.
14000 TCPFrom the Light Agent to Kaspersky Security Center.To manage the application via Kaspersky Security Center on Light Agents.

If the Light Agent installed on the protected virtual machine receives the information about the SVM through multicast, then the routing of the packets through IGMP version 3 for group 239.255.76.65:9876 must be established for connecting the Light Agent to the Protection Server located on the SVM.  

After installation, Light Agent configures the settings of Microsoft Windows Firewall to allow incoming and outgoing traffic for the avp.exe process. If a domain policy is used for Windows Firewall, you need to set a rule for inbound and outbound connections for the avp.exe process in the domain policy. If a different firewall is used, you need to set an exclusion rule for the avp.exe process for the firewall. 

If you are using the Citrix XenServer or VMware ESXi hypervisor with the promiscuous mode enabled on the network adapter of the guest operating system, the guest operating system receives all Ethernet frames passing through the commuter, if this is allowed by the VLAN policy. This mode can be used for traffic monitoring and analysis in the network segment where the SVMs and the protected virtual machines are used. The traffic between the SVM and protected virtual machines is not encrypted, therefore it is not recommended to use the promiscuous mode in network segments when the SVM is running. If you need to use this mode (for example, for monitoring traffic by other virtual machines to detect attempts of unauthorized access to the network or for fixing network issues), configure the restrictions to protect the traffic between the SVM and protected virtual machines from unauthorized access. 

 
 
 
 
Was this information helpful?
Yes No
 

 
 

Have you found what you were looking for?

Please let us know how we can make this website more comfortable for you

Send feedback Send feedback

Thank you!

Thank you for submitting your feedback.
We will review your feedback shortly.