Ports used for installation and operation of components

To ensure successful installation and operation of components of Kaspersky Industrial CyberSecurity for Networks, specific ports and protocols that will be used for data transfer must be available. You need to configure use of these ports and protocols in the settings of your network hardware or software that will be used to monitor network traffic.

The figure below shows the ports and protocols used by application components.

Diagram illustrating the usage of ports and protocols for connecting between application components, as well as for interacting with other applications. All ports and protocols shown in the diagram are listed in the table below.

Utilized ports and protocols

The purpose of utilized ports is described in the table below.

Purpose of utilized ports

Port	Protocol	Description

Computer where application components are installed
22	TCP (SSH)	This port is used to connect to nodes and to install Server and sensor components.
Computer that performs Server functions
22	TCP (SSH)	This port is used for interaction with the computer where the application components are installed.
80	TCP (HTTP)	This port is used for connecting through the web interface.
443	TCP (HTTPS)	This port is used for the following purposes: Connection through the web interface Connection to Kaspersky update servers Connection of a sensor through the web interface automatically over the network
514	TCP/UDP	This port is used to send data via SIEM and Syslog connectors.
3333 4004 4444	TCP (HTTPS)	Used for interaction with the Identity and Access Manager component in Kaspersky Security Center Web Console when using the single sign-on (SSO) technology.
8080	TCP (HTTPS)	This port is used for the following purposes: Connection via the Kaspersky Industrial CyberSecurity for Networks API (including the KUMA connector) Connecting Kaspersky Security Center Web Console
8081	TCP (HTTPS)	This port is used to receive data from EPP applications (if an integration server was added to the Server node).
13000	TCP	This port is used to connect Network Agent to the Kaspersky Security Center Administration Server.
13520	TCP	This port is used for connections of sensors.
15000	UDP	Used to send the control signals to the Network Agent from Kaspersky Security Center Administration Server.
Computer that performs sensor functions
22	TCP (SSH)	This port is used for interaction with the computer where the application components are installed.
80	TCP (HTTP)	This port is used for connecting through the web interface.
8081	TCP (HTTPS)	This port is used to receive data from EPP applications (if an integration server was added to the sensor node).

Page top