Open the following ports to connect to the specific Logpoint services. You do not need to open a port if you are not using that service.
Port/Protocol |
Services |
Direction |
Reason |
|---|---|---|---|
443 |
Web Server |
Towards Logpoint |
To access the Logpoint’s web interface. |
22 |
SSH |
Towards Logpoint |
To access the command line of Logpoint terminal. |
636 (encrypted) & 389 (unencrypted) |
LDAP enrichment source & LDAP authentication |
From Logpoint |
To retrieve enrichment sources and user and group information from the LDAP directory. |
20 & 21 |
FTP collector & fetcher |
From Logpoint (Fetcher) & Towards Logpoint (Collector) |
To collect FTP logs and fetch logs to/from Logpoint. |
514 & 6514 (SSL) |
Syslog collector & Syslog over TLS |
Towards Logpoint |
To collect plain text and encrypted Syslog logs. |
443 |
Support Registration |
Towards customer.logpoint.com |
For Support Registration. |
1193 |
Support Tunnel |
Towards reverse.logpoint.com |
To establish support tunnel. |
6161 & 6162 (SSL) |
Snare collector |
Towards Logpoint |
To collect Snare logs. |
6343 |
SFlow collector |
Towards Logpoint |
To collect SFlow logs. |
2055 |
Netflow collector |
Towards Logpoint |
To collect Netflow logs. |
1194 & 443 |
Open Door communication |
Towards Open Door Server |
To create a Distributed Logpoint Setup. |
Fetchers with configurable ports are not listed above. Other ports may have to be opened based on the requests made by Logpoint services.
To use UEBA, you must configure outgoing ports and domains. Go to Enabling UEBA for more details.