You want to know which TCP ports are used by the Symantec Quarantine Server version 2.0 to communicate with the Symantec Security Response (formerly known as SARC) auto-response server to submit quarantined files. You want to know whether opening these ports at the firewall will expose your network to security risks.
By default, Symantec Quarantine Server 2.0 communicates with the Symantec Security Response auto-response server using the static ports 2847 and 2848 and only require Outbound traffic be enabled. These ports are used by the Quarantine Server to submit viruses using the Scan and Deliver option. These ports are closed after the submission is completed. Symantec Quarantine Server also connects to the Internet using port 80 to obtain virus definition updates. Opening these ports at the firewall to allow outbound traffic from the Symantec Quarantine Server should not pose a security threat.
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.