Home products
1-10 computers
Business products
Workstations & Servers protection
Workstation protection
File server protection
Mail system protection
Perimeter protection
Administration Kit
Kaspersky Administration Kit 8.0
Kaspersky Administration Kit 6.0 MP1/MP2
Operating principles
Implementing in network
Maintenance
Database updates
Licence management
Monitoring
Complex-components uninstalling
Troubleshooting
All articles
Kaspersky Administration Kit 5.0 MP3 (builds 5.0.1104 - 5.0.1152)
Support lifecycle of applications for remote management
Kaspersky Hosted Security Services
Fighting malicious programs
How to disinfect...
Training and Certification
Take an educational course and become a certified anti-virus security specialist
Self Service
More help online
Support contacts and conditions
Information about support services and rules
You are welcome to subscribe to "New articles in Knowledge base" mailing list:

You are visiting our Support Website and we thank you in advance for your participation in this poll and your feedbacks.

Please vote honestly, we will analyze the results and will do our best to improve our service as soon as possible.

 Corporate Support Website Usability Survey:
Navigation quality*
Technical articles efficiency*
Relevance of the article(s) turned out by your query*
Ease of access to relevant information*
Comments

Read the same in:    English  Francais  Deutsch  日本語  Polski  Русский  
Home / Business products /  Administration Kit /  Kaspersky Administration Kit 6.0 MP1/MP2 /  Operating principles

 
Search :  
Search tips Article ID # :   
 

Kaspersky Administration Kit 6.0 MP1/MP2
Knowledge base
Product Info
System requirements
 
What ports should be opened on Administration Server and client computers?
 ID Article: 1232    Other languages:  Francais  Deutsch  日本語  Polski  Русский      Views for 7 days 64    Last modified on 2008 Jun 03 17:25 Printable version

Useful links
 



 

Concerning to Kaspersky Administration Kit 6.0 MP1

To provide work of the logical network on the Administration Server the following ports should be opened:

on the Administration Server 

  • TCP 13000 – to connect client computers, Network Agents and slave Administration Servers using secure connection (SSL). 
  • TCP 14000 – to connect client computers, Update Agents and slave Administration Servers to the Administration Server without secure connection.

Information When connecting to the Administration Server a client computer gives to the Server statistics information how Kaspersky Lab installed applications function, their events, etc., synchronizes the application settings, tasks, etc.

By default, the Network Agent tries to connect to the Server every 15 minutes. This value can be changed in the Network Agent’s policy. 

  • UDP 13000 – to get information when client computers are turned off. 
  • TCP 18000 – for the Administration Server to get the data from the authentication server Cisco NAC.

 

on the computer defined by the Update Agent: 

  • TCP 13000 should be opened to connect client computers to the Update Agent using secure connection (SSL).

 

  • TCP 13001 should be opened to connect client computers to the Update Agent using secure connection (SSL) if a computer- Administration Server is defined by the Update Agent. 

 

  • TCP 14000 should be opened to connect client computers to the Update Agent without the secure connection. 

 

  • TCP 14001 should be opened to connect client computers to the Update Agent without the secure connection if a computer- Administration Server is defined by the Update Agent.

on a client computer 

  • UDP 60000 – to realize in the network the Wake-On-LAN function.
  • UDP 15000 port should be opened: 
      • for the Administration Server to get information about the client computer in real time (for example, when viewing statistics). In this case the Administration Server will try to connect to the Network Agent. 

Example, the Synchronize command from the Console will not work if 15000 UDP-port is closed on a Client. But at the same time the Network Agent will be able to establish connection with the Server to get policies, send reports, etc.


Useful links
 



 

Information For outgoing connections of client computers with the Administration Server and Update Agents the ports range 1024-5000 is used. The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008: 49152-65535.

 

WarningFor initial installation of the Network Agent using the task of remote install from Kaspersky Administration Kit the following ports should be opened on a client computer:

    • TCP 139 
    • TCP 445 
    • UDP 137 
    • UDP 138

If Microsoft Windows Firewall is enabled, in order to open the specified ports do the following:

1. Make sure the Don’t Allow Exceptions box is cleared:

2. check File and Printer Sharing in the list of allowed exclusions:

 Did the provided info help you?

                       

 Give your detailed feedback.

 

Kaspersky Lab

Copyright © 1997 - 2009 Kaspersky Lab
Site map  |   Contact us  |   International Support Service  |  Send us a suspected virus
Login Your Personal Cabinet  |   Register  |   FAQ for Personal Cabinet