Network ports used by Kaspersky Security for Virtualization 4.0 Light Agent

 

Kaspersky Security for Virtualization 4.0 Light Agent

 
 
 

Network ports used by Kaspersky Security for Virtualization 4.0 Light Agent

Back to "Installation and Removal"
2018 Sep 10 ID: 13492
 
 
 
 

For the installation and correct functioning of Kaspersky Security for Virtualization 4.0 Light Agent, configure network hardware or software used for traffic control between the virtual machines to allow network traffic pass through the following ports:

Port and protocol Direction Purpose and description
80 TCP
443 TCP		 From the deployment and configuration wizard of Kaspersky Security Center to the VMware vCenter server. For deploying the SVM on the VMware ESXi hypervisor through the VMware vCenter server.
135 TCP / UDP
445 TCP / UDP		 From the deployment and configuration wizard of Kaspersky Security Center to the Microsoft Windows Server (Hyper-V) hypervisor. To deploy the SVM on a Microsoft Windows Server (Hyper-V) hypervisor.
80 TCP
443 TCP		 From the deployment and configuration wizard of Kaspersky Security Center ro the Citrix XenServer hypervisor. For deploying the SVM on the Citrix XenServer hypervisor.
22 TCP From the deployment and configuration wizard of Kaspersky Security Center to the KVM hypervisor. For deploying the SVM on the KVM hypervisor.
22 TCP From the deployment and configuration wizard of Kaspersky Security Center to the SVM. For changing the SVM configuration.
80 TCP
443 TCP		 From the SVM to the VMware vCenter server. For interaction between the SVM and the VMware ESXi hypervisor through the VMware vCenter server.
135 TCP / UDP
445 TCP / UDP
5985 TCP
5986 TCP		 From the SVM to the Microsoft Windows Server (Hyper-V) hypervisor. To enable interaction between the SVM and the Microsoft Windows Server (Hyper-V) hypervisor.
22 TCP
80 TCP
443 TCP		 From the SVM to the Citrix XenServer hypervisor. For interaction between the SVM and the Citrix XenServer hypervisor.
22 TCP From the SVM to the KVM hypervisor. For interaction between the SVM and the KVM hypervisor.
9876 UDP From the SVM to the Light Agent. To enable Light Agents to receive information about all SVMs available on the network and their load levels.
8000 UDP From the Light Agent to the SVM.
7271 TCP From the SVM to the Integration Server. For interaction between the SVM and the Integration Server.
7271 TCP From the Light Agent to the Integration Server. For interaction between the Light Agent and the Integration Server.
11111 TCP From the Light Agent to the SVM. To transfer service requests (e.g., requests for license information) from the Light Agent to the SVM.
9876 TCP From the Light Agent to the SVM. To send request for scanning files from the Light Agent to the SVM.
80 TCP From the Light Agent to the SVM. To update databases and application modules on the Light Agent.
15000 UDP From Kaspersky Security Center to the SVM. To manage the application via Kaspersky Security Center on the SVM.
15000 UDP From Kaspersky Security Center to Light Agents. To manage the application via Kaspersky Security Center on the Light Agents.
13000 TCP / 14000 TCP From the SVM to Kaspersky Security Center. To manage the application via Kaspersky Security Center on the SVM.
13000 TCP / 14000 TCP From the Light Agent to Kaspersky Security Center. To manage the application via Kaspersky Security Center on Light Agents.

If the Light Agent installed on the protected virtual machine receives the information about the SVM through multicast, then the routing of the packets through IGMP version 3 for group 239.255.76.65:9876 must be established for connecting the Light Agent to the Protection Server located on the SVM.  

After installation, Light Agent configures the settings of Microsoft Windows Firewall to allow incoming and outgoing traffic for the avp.exe process. If a domain policy is used for Windows Firewall, you need to set a rule for inbound and outbound connections for the avp.exe process in the domain policy. If a different firewall is used, you need to set an exclusion rule for the avp.exe process for the firewall. 

If you are using the Citrix XenServer or VMware ESXi hypervisor with the promiscuous mode enabled on the network adapter of the guest operating system, the guest operating system receives all Ethernet frames passing through the commuter, if this is allowed by the VLAN policy. This mode can be used for traffic monitoring and analysis in the network segment where the SVMs and the protected virtual machines are used. The traffic between the SVM and protected virtual machines is not encrypted, therefore it is not recommended to use the promiscuous mode in network segments when the SVM is running. If you need to use this mode (for example, for monitoring traffic by other virtual machines to detect attempts of unauthorized access to the network or for fixing network issues), configure the restrictions to protect the traffic between the SVM and protected virtual machines from unauthorized access. 

 
 
 
 
Was this information helpful?
Yes No
Thank you
 
 
 

Back to "Installation and Removal"
 
 

 
 

How can we improve this article?

Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.

OK