Help Center
Quick Start
- Overview
- System requirements
- Minimum privileges required
- Default port configuration
- Installing DataSecurity Plus
- Uninstalling DataSecurity Plus
- Starting DataSecurity Plus
- Launching DataSecurity Plus
- Configuring your solution
- Licensing details
- Applying a license
File Auditing
- About File Auditing
- Domain configuration
- File server configuration
- Failover cluster configuration
- NetApp server configuration
- Workgroup configuration
Setting up File Audit
Dashboard
Reports
Alerts
Configuration
Storage Configuration
File Analysis
- About File Analysis
- On-Demand Reports
Setting up File Analysis
Dashboard
Reports
Alerts
Configuration
Data Risk Assessment
- About Data risk assessment
Setting up Data risk assessment
Dashboard
Reports
Ownership analysis
Configuration
Endpoint DLP
- About Endpoint DLP
Setting up Endpoint DLP
Reports
Alerts
Prevention policies
Configuration
Cloud Protection
- About Cloud Protection
- Gateway Server Configuration
- Certificate Authority Configuration
- Gateway Configuration in Endpoint
- Manage Certificate Trust Store
- Threat Analytics Database
- Manage Banned Applications
- Manage Authorized Applications
- Gateway Server Failover
- Two-way SSL configuration
- Global Insight
- Application Insight
- User Insight
- Shadow Application Insight
- Banned Application Insight
- Cloud App Discovery
- Cloud Access Reports
- Application Insights
- Shadow Cloud Application Reports
- Banned Cloud Application Reports
- File Upload & Download Reports
Setting up Cloud Protection
Dashboard
Reports
Control Policies
Storage Configuration
Administrative settings
- Technician configuration
- Notification filters
- Manage agent
- Agent settings
- SIEM integration
- Business hours configuration
- Two-factor authentication
- Workgroup configuration
- Security policy
Email configuration
General settings
- Connection
- Personalize
- DataSecurity Plus Server
- Privacy Settings
- Disk utilization
- Schedule Retention Policy
Policy Configuration
Release notes
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015
Troubleshooting
- HTTP communication failure
- Dormant DataEngine
- Secure Gateway server failure
- RPC communication failure
- Known issues and limitations
- Known errors and solutions
Guides
- Agent document
- How to Migrate/Move DataSecurity Plus
- How to apply SSL certificate
- How to automate DataSecurity Plus database backup
- How to set alerts in DataSecurity Plus
- How to secure your DataSecurity Plus installation
Port configuration guide
Below are the ports that need to be open for the regular functioning of DataSecurity Plus.
Product ports
The table below lists the default ports used by DataSecurity Plus. These can be changed during or after installation.
Port | Protocol | Purpose |
8800 | HTTP | Product web server and secondary port for agent to server communication |
9163 | HTTPS | Product web server and secondary port for agent to server communication |
8999 | HTTPS | Primary port for agent to server communication |
- To check which port is being used for HTTP/HTTPS communication, open the web console and navigate to Admin > General Settings > Connection.
- To change the default ports after installation, open the DataSecurity Plus web console and navigate to Admin Console > General Settings > Connection > Change port.
- Agent port 8999 and agent protocol HTTPS are used for agent data collection. In case of communication failure, the DataSecurity Plus server port and DataSecurity Plus server protocol are used after fallback.
The current fallback flow happens in a round-robin manner:
https://ServerName:8999
https://ServerFQDN:8999
https://ServerIP:8999
serverProtocol://ServerName:serverPort
serverProtocol://ServerFQDN:serverPort
serverProtocol://ServerIP:serverPort
System ports
The table below lists the ports on the destination computers that DataSecurity Plus uses. These ports can be opened in Windows or third-party firewalls.
Port | Protocol | Destination | Service | Purpose | Direction |
135 | TCP | Monitored computers | RPC | Agent communication | Outbound |
137 | TCP and UDP | Monitored computers | RPC | Agent communication | Outbound |
138 | UDP | Monitored computers | RPC | Agent communication | Outbound |
139 | TCP | Monitored computers | RPC | Agent communication | Outbound |
445 | TCP and UDP | Monitored computers | RPC | For listing file shares | Outbound |
389 | TCP and UDP | Domain controllers | LDAP | For syncing AD objects with DataSecurity Plus | Outbound |
636 | TCP | Domain controllers | LDAP over SSL | For syncing AD objects with DataSecurity Plus | Outbound |
3268 | TCP | Domain controllers | Global catalog | For syncing AD objects with DataSecurity Plus | Outbound |
3269 | TCP | Domain controllers | Global catalog over SSL | For syncing AD objects with DataSecurity Plus | Outbound |
88 | TCP | Domain controllers | Kerberos | For syncing AD objects with DataSecurity Plus | Outbound |
25 | TCP | SMTP servers | SMTP | To send emails | Outbound |
465 | TCP | SMTP servers | SSL | To send emails | Outbound |
587 | TCP | SMTP servers | TLS | To send emails | Outbound |
49152 - 65535 | TCP | Monitored computers | RPC randomly allocated high TCP ports | For agent communication and cluster configuration | Outbound |
- Remote registry services are required to monitor agent status and must be running on all machines that have the DataSecurity Plus agent installed.
- If you are using Windows Firewall, you can open dynamic ports 49152 to 65535 on the monitored computers by enabling the outbound rules listed below.
- Remote Event Log Management (NP-In)
- Remote Event Log Management (RPC)
- Remote Event Log Management (RPC-EPMAP)
To enable the above rules: Open Windows Defender Firewall with Advanced Security > Inbound Rules, and right-click the respective rules > Click Enable Rule.