The tables below show the default ports that must be open on Administration Server and on client devices. If you want, you can change each of these default port numbers.
Ports used by Kaspersky Security Center 13 Linux Administration Server
Port number |
Name of the process that opens the port |
Protocol |
Port purpose |
Scope |
|---|---|---|---|---|
8060 |
klcsweb |
TCP |
Transmitting published installation packages to client devices |
Publishing installation packages |
8061 |
klcsweb |
TCP (TLS) |
Transmitting published installation packages to client devices |
Publishing installation packages |
13000 |
klserver |
TCP (TLS) |
Receiving connections from Network Agents and secondary Administration Servers; also used on secondary Administration Servers for receiving connections from the primary Administration Server (for example, if the secondary Administration Server is in DMZ) |
Managing client devices and secondary Administration Servers |
13000 |
klserver |
UDP |
Receiving information about devices that were turned off from Network Agents |
Managing client devices |
13291 |
klserver |
TCP (TLS) |
Receiving connections from Administration Console to Administration Server |
Managing Administration Server |
13294 (only if you work with UEFI protection devices) |
klserver |
TCP (TLS) |
Receiving connections from UEFI protection devices |
Managing UEFI protection client devices |
14000 |
klserver |
TCP |
Receiving connections from Network Agents |
Managing client devices |
17000
|
klactprx
|
TCP (TLS)
|
Receiving connections for application activation from managed devices
|
Activation proxy server for managed devices
|
8080* |
Node.js: Server-side JavaScript |
TCP (TLS) |
Receiving connections from browser to Kaspersky Security Center 13 Web Console |
Kaspersky Security Center 13 Web Console |
* Kaspersky Security Center 13 Web Console Server may be the same device where the Administration Server is running, or it may be a different device.
When you install Kaspersky Security Center 13 Web Console on ALT Linux operating system, you must specify a port number other than 8080, because port 8080 is used by the operating system.
If you install the Administration Server and the database on different devices, you must make available the necessary ports on the device where the database is located (for example, port 3306 for MariaDB Server). Please refer to the DBMS documentation for the relevant information.
Ports used by client devices
Port number |
Name of the process that opens the port |
Protocol |
Port purpose |
Scope |
|---|---|---|---|---|
15000 |
klnagent |
UDP |
Management signals from Administration Server to Network Agents |
Managing client devices |
15000 |
klnagent |
UDP broadcast |
Getting data about other Network Agents within the same broadcasting domain (the data is then sent to the Administration Server) |
Delivering updates and installation packages |
13000 (only if used as distribution point) |
klnagent |
TCP (TLS) |
Receiving connections from Network Agents |
Managing client devices, delivering updates and installation packages
|
15001 (only if used as distribution point) |
klnagent |
UDP |
Multicasting for Network Agents |
Delivering updates and installation packages |
Please note that the klnagent process can also request free ports from the dynamic port range of an endpoint operating system. These ports are allocated to the klnagent process automatically by the operating system, so klnagent process can use some ports that are used by another software. If the klnagent process affects that software operations, change the port settings in this software, or change the default dynamic port range in your operating system to exclude the port used by the software affected.