Ports used by Kaspersky Security Center Cloud Console

Support

Support for business applications

Kaspersky Security Center Cloud Console

February 12, 2024

ID 158830

To use Kaspersky Security Center Cloud Console, which is part of the Kaspersky infrastructure, you must open the following ports on the client devices to allow the internet connection (see table below):

Ports that must be open on client devices to allow the internet connection

Port (or port range)	Protocol	Purpose of the port (or port range)
23100-23199	TCP/TLS	Receiving connections from Network Agents and secondary Administration Servers on Kaspersky Security Center Cloud Console Administration Server at *.ksc.kaspersky.com. The Kaspersky infrastructure can use any port within this range and any web address within this mask. The port and the web address can change from time to time.
23700-23799 (only if you manage mobile devices)	TCP/TLS	Receiving connections from mobile devices. Connection to the Kaspersky Security Center Cloud Console Administration Server at *.ksc.kaspersky.com. The Kaspersky infrastructure can use any port within this range and any web address within this mask. The port and the web address can change from time to time.
27200-27299	TCP/TLS	Receiving connections for application activation from managed devices (except for mobile devices). Connection to the Kaspersky Security Center Cloud Console Administration Server at *.ksc.kaspersky.com. The Kaspersky infrastructure can use any port within this range and any web address within this mask. The port and the web address can change from time to time.
29200-29299	TCP/TLS	Tunneling connections to managed devices by using the klsctunnel utility through Kaspersky Security Center Cloud Console Administration Server at *.ksc.kaspersky.com. The Kaspersky infrastructure can use any port within this range and any web address within this mask. The port and the web address can change from time to time.
443	HTTPS	Connection to Kaspersky Security Center Cloud Console discovery service at *.ksc.kaspersky.com. The Kaspersky infrastructure can use any web address within this mask.
1443	TCP	Connection to Kaspersky Security Network
80	TCP	Connection is used to check validity of the Kaspersky Security Center certificates at *.digicert.com. The Kaspersky infrastructure can use any web address within this mask.

The table below lists the ports that must be open on client devices where Network Agent is installed.

Ports that must be open on client devices

Port number	Protocol	Port purpose	Scope
15000	UDP	Receiving data from connection gateways (if in use)	Managing client devices
15000	UDP broadcast	Getting data about other Network Agents within the same broadcasting domain	Delivering updates and installation packages
15001	UDP	Receiving multicast requests from a distribution point (if in use)	Receiving updates and installation packages from a distribution point

Port number

Protocol

Port purpose

Scope

15000

UDP

Receiving data from connection gateways (if in use)

Managing client devices

15000

UDP broadcast

Getting data about other Network Agents within the same broadcasting domain

Delivering updates and installation packages

15001

UDP

Receiving multicast requests from a distribution point (if in use)

Receiving updates and installation packages from a distribution point

Please note that the klnagent process can also request free ports from the dynamic port range of an endpoint operating system. These ports are allocated to the klnagent process automatically by the operating system, so klnagent process can use some ports that are used by another software. If the klnagent process affects that software operations, change the port settings in this software, or change the default dynamic port range in your operating system to exclude the port used by the software affected.

Also take into account that recommendations on the compatibility of Kaspersky Security Center Cloud Console with third-party software are described for reference only and may not be applicable to new versions of third-party software. The described recommendations for configuring ports are based on the experiences of Technical Support and our best practices.

The table below lists the additional ports that must be open on client devices where Network Agent is installed as a distribution point.

Ports used by Network Agent functioning as distribution point

Port number	Protocol	Port purpose	Scope
13000	TCP/TLS	Receiving connections from Network Agents	Managing client devices and delivering updates and installation packages
13111 (only if KSN proxy service is run on the device)	TCP	Receiving requests from managed devices to KSN proxy server	KSN proxy server
13295 (only if you use the distribution point as a push server)	TCP/TLS	Sending push notifications to managed devices	Distribution point used as a push server
15111 (only if KSN proxy service is run on the device)	UDP	Receiving requests from managed devices to KSN proxy server	KSN proxy server
17111 (only if KSN proxy service is run on the device)	HTTPS	Receiving requests from managed devices to KSN proxy server	KSN proxy server

If you have one or more Administration Servers on your network and use them as secondary Administration Servers when the primary Administration Server is located in the Kaspersky infrastructure, please refer to the list of ports that are used by Kaspersky Security Center running on-premises. Use those ports for interaction between your secondary Administration Server (or secondary Administration Servers) and client devices.

Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company

Web and device controls. Data encryption. Centralized and convenient management from a single console.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.