Ports required when MOVE AV Multi-platform clients are located in a Demilitarized Zone
Last Modified: 2023-09-22 06:54:24 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Ports required when MOVE AV Multi-platform clients are located in a Demilitarized Zone
Technical Articles ID:
KB85246
Last Modified: 2023-09-22 06:54:24 Etc/GMT Environment
Management for Optimized Virtual Environments (MOVE) MOVE AntiVirus (AV) Multi-platform 4.x MOVE AV Multi-platform Offload Scan Server (OSS) MOVE AV Multi-platform Security Virtual Appliance (SVA) Manager For details of MOVE-supported environments, see KB74865 - Supported platforms for Management for Optimized Virtual Environments. Summary
When the Virtual Machines (VMs) are located in Demilitarized Zone, several ports need to be open. The ports allow ePO communications between the VM clients and the OSS/SVA Manager.
ProblemThe VM clients can communicate with the ePO server. But, when you run the command
When you perform a Telnet to the OSS on port 9053 (default port), it fails even though it's possible to ping the OSS and SVA Manager. The information above is seen when ePO administrators change the Offload Scan Server 4.x.x policy option Scan Server port and SVA Manager (default 8080) port. Cause
Essential ports are closed, preventing the VM from reaching the OSS or the SVA Manager. A Telnet test on the ports has to function. A successful test allows the VM client to contact to the OSS and the SVM Manager. SolutionTo allow ePO communications between the VM clients and the OSS/SVA Manager, make sure that the following communication ports are open (default port numbers are shown - replace these with the relevant ports in your environment):
Affected ProductsLanguages:This article is available in the following languages: |
|