Ports required for Critical System Protection and Data Center Security Server Advanced Manager/Console/Agent Port Communication
Last Updated June 28, 2019
Netstat query on SCSP (Critical System Protection) / DCS (Data Center Security) manager shows a large number of port connections.
The management server uses UDP port 1434 to query the MS SQL Server system and find the port used by the Symantec Critical System Protection instance. Once the MS SQL Server system returns the port for the Symantec Critical System Protection instance, the management server then connects to the instance using that port. Thus, your firewall must allow traffic from the management server to the MS SQL Server system on UDP port 1434 and on the TCP port used by the Symantec Critical System Protection instance.
Regarding questions about how many connections are established between Tomcat and the DB, this is configured in the server.xml file. The default setting is to establish a pool of 25 connections for console operations and 125 connections for agent operations. The connection pool is used and reused over time as console/agent operations are executed on the server. The connection pool model avoids the overhead of opening and closing database sessions each time a DB operation needs to be performed. It is possible to modify these configuration settings but we see no value in the customer doing so.
Below are the port numbers used by each SCSP component:
Management console (Console.exe) -
Outbound communication to the management service using remote TCP ports 4443, 8006, and 8081.
Management service (SISManager.exe) -
Inbound communication from the management console using local TCP ports 4443, 8006, and 8081.
Inbound communication with the agents uses local TCP port 443.
Outbound communication with production SQL servers using the remote TCP port that the SQL server uses for the server instance (1433 by default).