Ports used for installation and operation of components

To ensure successful installation and operation of components of Kaspersky Industrial CyberSecurity for Networks, specific ports and protocols that will be used for data transfer must be available. You need to configure use of these ports and protocols in the settings of your network hardware or software that will be used to monitor network traffic.

The figure below shows the ports and protocols used by application components.

Diagram illustrating the usage of ports and protocols for connecting between application components, as well as for interacting with other applications. All ports and protocols shown in the diagram are listed in the table below.

Utilized ports and protocols

The purpose of utilized ports is described in the table below.

Purpose of utilized ports

 

Port

Protocol

Description

Computer where application components are installed

22

TCP (SSH)

This port is used to connect to nodes and to install Server and sensor components.

Computer that performs Server functions

22

TCP (SSH)

This port is used for interaction with the computer where the application components are installed.

80

TCP (HTTP)

This port is used for connecting through the web interface.

443

TCP (HTTPS)

This port is used for the following purposes:

  • Connection through the web interface
  • Connection to Kaspersky update servers
  • Connection of a sensor through the web interface automatically over the network

514

TCP/UDP

This port is used to send data via SIEM and Syslog connectors.

3333

4004

4444

TCP (HTTPS)

Used for interaction with the Identity and Access Manager component in Kaspersky Security Center Web Console when using the single sign-on (SSO) technology.

8080

TCP (HTTPS)

This port is used for the following purposes:

  • Connection via the Kaspersky Industrial CyberSecurity for Networks API (including the KUMA connector)
  • Connecting Kaspersky Security Center Web Console

8081

TCP (HTTPS)

This port is used to receive data from EPP applications (if an integration server was added to the Server node).

13000

TCP

This port is used to connect Network Agent to the Kaspersky Security Center Administration Server.

13520

TCP

This port is used for connections of sensors.

15000

UDP

Used to send the control signals to the Network Agent from Kaspersky Security Center Administration Server.

Computer that performs sensor functions

22

TCP (SSH)

This port is used for interaction with the computer where the application components are installed.

80

TCP (HTTP)

This port is used for connecting through the web interface.

8081

TCP (HTTPS)

This port is used to receive data from EPP applications (if an integration server was added to the sensor node).

Page top