What Ports are used by enVision
Originally Published: 2009-09-15
Article Number
Applies To
port
4.0.0, 3.7.0, 3.5.0
Issue
Resolution
To find what ports are used by enVision use the online help:
Click on the Question mark within enVision near the top of the window. It will be inside a white circle.
Click Search in the lower left hand corner of the panel that now appears and type in "Ports used by enVision" next to the search button at the top of the same panel.
Click the Search button and it will be the first result that comes back.
Below is the list of ports are used:
| Ports Used by enVision | |||
| The Item column describes the communication that uses TCP or UDP ports. The description may include the | |||
| protocol, the hosts or processes with which enVision appliances communicate, and the applicable enVision | |||
| configurations, features, or versions | |||
| The Port column specifies one or more TCP or UDP ports, and the Direction column specifies whether the | |||
| usage is Inbound to and/or Outbound from the enVision appliance. For each Item, all of the specified ports | |||
| are used in all of the specified directions. | |||
| For an enVision deployment with multiple appliances, the Appliance Type column identifies the node types | |||
| that pertain to each Item. For a deployment with a single appliance, every Item is applicable unless otherwise | |||
| noted | |||
| Ports Used by enVision for User Interfaces | |||
| Item | Port | Direction | Appliance Type |
| JNDI, RMI, and EJB client proxy connections from the NIC Web Server service to the NIC App Server service for VAM browsing in the enVision web UI | TCP 1098 TCP 1099 TCP 3873 TCP 4444 | Outbound from any A-SRV Inbound to the A-SRV that runs the NIC App Server service | A-SRV |
| Connection from Event Explorer to the NIC App Server service for Task Triage and VAM browsing | TCP 1098 TCP 1099 TCP 3873 TCP 4444 | Inbound to the A-SRV that runs the NIC App Server service | A-SRV |
| Connection from the Event Viewer in the enVision Web UI to the NIC Server service | TCP 2010 | Inbound | D-SRV |
| Connection from Event Explorer to the NIC Server service | TCP 2010 | Inbound | D-SRV |
| HTTP Connection from the enVision Web UI to NIC Web Server service | TCP 8080 | Inbound | A-SRV |
| HTTP Connection from Event Explorer to the NIC Web Server service | TCP 8080 | Inbound | A-SRV |
| HTTPS Connection from the enVision Web UI to the NIC Web Server service | TCP 8443 | Inbound | A-SRV |
| HTTPS Connection from Event Explorer to the NIC Web Server service | TCP 8443 | Inbound | A-SRV |
| Ports Used for Remote Appliance Management | |||
| Item | Port | Direction | Appliance Type |
| Connection to Internet Information services (part of the appliance OS) to download the Terminal Server ActiveX web client | TCP 80 | Inbound | All |
| HTTP Connection to Terminal Server (part of the appliance OS) from the DRAC Management Console | TCP 80* | Inbound | For 60 Series Only, All |
| HTTPS Connection to Terminal Server (part of the appliance OS) from the DRAC Management Console | TCP 443* | Inbound | |
| Connection to Terminal Server (part of the appliance OS) from the ActiveX web client or the full Remote Desktop Connection Client | TCP 3389 | Inbound | All |
| DRAC Desktop Console Redirection from the Dell Remote Access Card for OOB Management (remote desktop capability) | TCP 5900* TCP 5901* | Inbound and Outbound | For 60 Series Only, All |
| * Configurable port. See Support.Dell.com for Dell Remote Access User Guide on how to change ports and | |||
| information on other features of the Dell Remote Access Console. | |||
| Ports Used by enVision for Communications Between Services | |||
| Item | Port | Direction | Appliance Type |
| FTP File transfer connection from the NIC Forwarder service to forward collected data from the RC to the D-SRV (applies only to deployments with an RC at version lower than 3.5.0 forwarding to a D-SRV at version 3.5.0 or higher) | TCP 20 TCP 21 | Outbound from the RC Inbound to the D-SRV | RC, D-SRV |
| SFTP File transfer connection from the NIC WinSSHD service to forward collected data from the RC to the D-SRV (applies only to deployments with an RC at version 3.5.0 or higher) | TCP 22 | Outbound from the RC Inbound to the D-SRV | RC, D-SRV |
| Connection from the NIC Logger service for collection of internal events from NIC services and from the NIC SFTP agent for Windows (in deployments with multiple appliances, communications from NIC services are to the D-SRV from all appliances within the site; in deployments with an RC, communications from NIC services on the RC are local; NIC SFTP agents communicate to their associated D-SRV or RC) | UDP 600 | Outbound from any appliance and from all services and devices with SFTP agents Inbound to D-SRV or RC | All, D-SRV, RC |
| Connection to the NIC Server service for IPDB (connections across sites are between any two D-SRVs or between any D-SRV and any RC) | TCP 2010 | Inbound and Outbound | D-SRV, RC |
| Connections from the NIC Server service to the NIC Packager service(deployments with multiple appliances only; connections are from the D-SRV to any LC within the site) | TCP 2015 | Inbound to the LC Outbound from the D-SRV | LC, D-SRV |
| Connection from the NIC DB Replication Client service to the NIC DB Replication Server service (deployments with multiple appliances only; within a site, connections are to the D-SRV from any other appliance; in a deployment of multiple sites, connections between sites are from a D-SRV to its master D-SRV) | TCP 2439 | Inbound to the D-SRV Outbound from any appliance | D-SRV |
| Connection to the NIC DB Server service for the configuration database (For enVision versions: 3.5.0 and higher, connections are local only.) (Lower than 3.5.0, communications include local connections on any appliance, connections within a site to the D-SRV from any other appliance, and connections across sites to a master D-SRV from its slave D-SRV or RC.) | TCP 2638 | 3.5.0 and higher: Inbound to any appliance | All |
| Connection to the NIC DB Report Server service for the report database (communication is local only) | TCP 3989 | Inbound | A-SRV |
| Ports Used by enVision Services for Communication with Other Network Services and Applications | |||
| Item | Port | Direction | Appliance Type |
| Connection from the NIC Alerter service for SMTP email sent by enVision to an SMTP server | TCP 25 | Outbound | A-SRV |
| Connection from the NIC Server service for DNS resolution (local requests use UDP port 53 on the appliance; remote requests use UDP port 53 on the remote DNS server) | UDP 53 | Outbound and Inbound | D-SRV, RC |
| Connection from the NIC Alerter service for SNMP traps sent by enVision to a trap receiver | UDP 162 | Outbound | A-SRV |
| Connection from enVision for integration with LDAP servers | TCP 389 TCP 636 | Outbound | A-SRV |
| Connection from the NIC Alerter service for SNPP alerts sent by enVision to a paging server | TCP 444 | Outbound | A-SRV |
| Connection from the NIC Alerter service for Syslog messages sent by enVision to a remote syslog server | UDP 514 (this is the default; you can use output action configuration to change this port ) | Outbound | A-SRV |
| Connection from the NIC Alerter service for AIM alerts sent by enVision (authentication uses TCP port 29999 at login.oscar.aol.com; messaging uses TCP port 5190 at toc.oscar.aol.com) | TCP 5190 TCP 29999 | Outbound | A-SRV |
| HTTPS connection from external application such as external ticketing system to NIC AppServer to update tasks. | TCP 8086 | Outbound from external application Inbound to the A-SRV where the NIC App Server service runs | A-SRV |
| Ports Used for Event Collection | |||
| Item | Port | Direction | Appliance Type |
| Connection to NIC File Reader service for FTP sent to enVision (for example, from devices with a UNIX FTP client script) | TCP 20 TCP 21 | Inbound | LC, RC |
| Connection to NIC WinSSHD service for Secure FTP sent to enVision (for example, from devices with the Windows SFTP client or a UNIX SFTP client script) | TCP 22 | Inbound | LC, RC |
| Connection to NIC Trapd service for SNMP traps sent to enVision | UDP 162 | Inbound | LC, RC |
| Connection to NIC Collector service for Syslog sent to enVision | UDP 514 | Inbound | LC, RC |
| Connection to NIC ODBC service for ODBC event collection (the ports listed are the defaults; ports may be customized on your devices) | TCP 1109 (ActivIdentity) TCP 1433 (ISS SiteProtector, McAfee ePolicy Orchestrator, Microsoft SQL Server) TCP 1521 (Oracle Database) | Outbound | LC, RC |
| Ports Used for Event Collection, Using Device-Specific Services | |||
| Item | Port | Direction | Appliance Type |
| Connection from NIC Windows service for Windows data collection | TCP 135 TCP 139 TCP 445 dynamic RPC ports | Outbound | LC,RC |
| Connection from NIC SDEE Collection service for Cisco Secure IDS data collection | TCP 443 | Outbound | LC,RC |
| Connection from NIC FW-1 LEA Client service for Check Point FireWall-1, VPN-l, Provider-1, and SmartDefense data collection | TCP 18184 | Outbound | LC,RC |
| Connection from NIC FW-1 LEA Client service for Check Point FireWall-1, VPN-l, Provider-1, and SmartDefense used to exchange certificates when using authentication type requiring a pull, such as sslca | TCP 18210 TCP 18211 | Outbound | LC,RC |
| Ports Used for Asset Data Collection by NIC Vulnerability Service (Deprecated) | |||
| Item | Port | Direction | Appliance Type |
| Connection to the NIC Vulnerability service for nCircle IP360 data collection This vulnerability service is deprecated. Please use the Asset Collector Service. | TCP 22 | Inbound | D-SRV |
| Connection to the NIC Vulnerability service for QualysGuard data collection. This vulnerability service is deprecated. Please use the Asset Collector Service. | TCP 443 | Outbound | D-SRV |
| Ports Used for Asset Data Collection by VAM (Vulnerability and Asset Management) Services | |||
| Item | Port | Direction | Appliance Type |
| Connection to the Asset Collector service for Nessus and/or nCircle IP360 data collection | TCP 22 | Inbound | LC |
| Connection to the Asset Collector service for QualysGuard data collection | TCP 443 | Inbound | LC |
| Connection from the Asset Collector service for McAfee Foundscan and/or ISS Site Protector data collection | TCP 1433 | Outbound | LC |
| Ports Used by Windows Services Required by enVision | |||
| Item | Port | Direction | Appliance Type |
| Connection to the Local Security Authentication Server | TCP 88 | Inbound | All |
| Connection to the Local Security Authentication Server | Dynamic RPC ports | Inbound | All |
| Connection to NT File Replication services | Dynamic RPC ports | Inbound | All |
Related Articles
Using ODBC collection on enVision 60 series systems Number of Views Silent install does not complete creates log file with error code Number of Views “An issue with handling encryption was encountered" with IBM JDK 1.8.0_281 and later in RSA Identity Governance & Lifecycle Number of Views OIDC Relying Party Endpoints Number of Views RSA SecurID Software Token 2.4 for iOS Quick Start (German) Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
Don't see what you're looking for?
