Shavlik Protect Inbound and Outbound Port Requirements Explanations

Version 4

    Inbound

    • TCP 80 (Only for Distribution Servers that utilize HTTP) Needed for Distribution Servers to Sync patches with Console only if using HTTP
    • TCP 135 (Inbound on agentless target machine) WMI Scanning – Only needed if using Asset Scanning
    • TCP 137-139 (Windows file sharing/directory services) required for agentless scan to work
    • TCP 445 (Windows file sharing/directory services) required for agentless scan to work
    • TCP 3121 (Inbound on the console) required for tracker status updates for patch deployment and agent communication back to console
    • TCP 4155 (Inbound on agent machine) Allows agent to allow commands from console
    • TCP 5120 (Inbound on agentless target machine) Allows scheduler to receive commands from console machine
    • TCP 5985 (Inbound on agentless target machine) Allows you to use IT Scripts feature
    • TCP 443 (Only for Distribution Servers that utilize HTTPS) Needed for Distribution Servers to Sync patches with Console only if using HTTPS

     

    Outbound

    • TCP 80 (Only for Distribution Servers that utilize HTTP) Allows agent and console communion with Distribution Server using HTTP
    • TCP 137-139 (Windows file sharing/directory services) required for agentless scan to work)
    • TCP 445 (Windows file sharing/directory services) required for agentless scan to work)
    • TCP 3121 (Agent machine to console) Required for tracker status updates for patch deployment and agent communication back to console
    • TCP 5120 (From console to agentless target) Allows console to send commands to target machine scheduler
    • UDP 9 (Only used if using Wake on Lan)
    • UDP 137 Shavlik Protect is using UDP port 137 (NetBIOS name service) to enumerate the browse list