    Policy Enforcer Ports

    You will need to open ports for Policy Enforcer to communicate with other products and devices.

    Table 1 lists the ports that Policy Enforcer uses to communicate with Security Director.

    Table 1: Policy Enforcer Ports to Communicate with Security Director

    Service

    Protocol

    Port

    In

    Out

    HTTPS

    TCP

    8080

    X

    HTTPS

    TCP

    443

    X

    Table 2 lists the ports that Policy Enforcer uses to communicate with SRX Series Devices.

    Table 2: Policy Enforcer Ports to Communicate with SRX Series Devices

    Service

    Protocol

    Port

    In

    Out

    HTTPS

    TCP

    443

    X

    Table 3 lists the ports that Policy Enforcer uses to communicate with the Sky ATP server to download feeds.

    Note: Connectivity between Sky ATP and Policy Enforcer is certificate-based. Once trust is established, every request is made within the context of a valid token.

    Table 3: Policy Enforcer Ports to Communicate with cloudfeeds.sky.junipersecurity.net

    Service

    Protocol

    Port

    In

    Out

    HTTPS

    TCP

    443

    X

    Table 4 lists the remaining Policy Enforcer services.

    Table 4: Policy Enforcer Services

    | Service | Comments |
    |---------|----------|
    | DNS | Used for basic network connection. |
    | NTP | Used to synchronize system clocks with the Network Time Protocol (NTP). |

    If you are using NSX with Policy Enforcer (or Security Director), the following ports must be opened on NSX.

    Table 5: NSX Ports

    Port

    In

    Out

    Comments

    443

    X

    Used for communication between NSX and Security Director.

    7804

    X

    Used for outbound SSH-based auto-discovery of devices.

    22

    X

    Used for host management and image upload over SFTP.

    Modified: 2017-10-11