What ports, communication and encryption methods does Security Manager use?
Security Manager 4.20
Security Manager 4.50
Communication between the Agent and the Consolidator is encrypted using the Cylink MEK encryption algorithm. For more information about the encryption algorithm and the agent authentication process, refer to the following knowledge base article:
By default, agents use secure TCP/IP port 1270 to communicate with the Consolidator unless agents are configured for or fail over to unencrypted communications. Unencrypted communication occurs over port 51515. Both of these ports are configurable.
The Consolidator and Agent Manager (CAM) communicates directly with the SQL server machine only when initially trying to discover a Data Access Server (DAS). In this instance, communication occurs between the component and a .dll file where the name of the Data Access Server (DAS) is stored. No central components ever touch the database directly. If DCOM tunneling is enabled, communication occurs over port 80; otherwise, communication occurs using SQL ports 1024 and above.
When the Data Access Server (DAS) communicates with the database server, it uses SQL RPC ports.
The MMC Consoles (Monitor and Development) communicate with the Data Access Server (DAS) using random RPC ports.
The Web Console and Web Reporting communicate using normal HTTP traffic.
The Reporting Query Tool uses an ODBC connection to the database.
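Because agents can be configured for, or fail over to, the unencrypted port, it is worth checking which agents are actually using it. The following is an added example, not part of the original article or the product: it assumes `netstat -ano -p tcp` output captured on the Consolidator host, and the sample addresses, PIDs and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Defaults from the article; both ports are configurable, so pass your own.
SECURE_PORT, UNENCRYPTED_PORT = 1270, 51515

# Constructed sample of `netstat -ano -p tcp` output from a Consolidator host.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:1270           0.0.0.0:0              LISTENING       1484
  TCP    0.0.0.0:51515          0.0.0.0:0              LISTENING       1484
  TCP    10.0.0.5:1270          10.0.1.21:49822        ESTABLISHED     1484
  TCP    10.0.0.5:1270          10.0.1.22:50114        ESTABLISHED     1484
  TCP    10.0.0.5:51515         10.0.1.37:50211        ESTABLISHED     1484
  TCP    10.0.0.5:51515         10.0.1.22:50300        TIME_WAIT       0
  TCP    10.0.0.5:3389          10.0.9.9:61000         ESTABLISHED     900
  TCP    [fd00::5]:51515        [fd00::37]:50990       ESTABLISHED     1484
"""

# host:port, where host is an IPv4 address or a bracketed IPv6 literal
_ENDPOINT = r"(\[[0-9A-Fa-f:.%]+\]|[\d.]+):(\d+)"
_ROW = re.compile(rf"^\s*TCP\s+{_ENDPOINT}\s+{_ENDPOINT}\s+(\S+)")

def agent_channels(netstat_text, secure=SECURE_PORT, clear=UNENCRYPTED_PORT):
    """Map each remote agent address to the set of channels it has open."""
    names = {secure: "encrypted", clear: "unencrypted"}
    channels = defaultdict(set)
    for line in netstat_text.splitlines():
        m = _ROW.match(line)
        if not m:
            continue  # header or non-TCP row
        _, local_port, remote, _, state = m.groups()
        # Only live sessions count; listeners and closing sockets are skipped.
        if state == "ESTABLISHED" and int(local_port) in names:
            channels[remote.strip("[]")].add(names[int(local_port)])
    return dict(channels)

def unencrypted_agents(netstat_text, **ports):
    """Agents with at least one live session on the unencrypted port."""
    found = agent_channels(netstat_text, **ports)
    return sorted(a for a, used in found.items() if "unencrypted" in used)

if __name__ == "__main__":
    for agent in unencrypted_agents(SAMPLE_NETSTAT):
        print(f"agent {agent} is talking to the Consolidator unencrypted")
```

Agents reported here are candidates for the Agent Authentication troubleshooting articles listed below.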
Please refer to the following knowledge base articles related to Agent Authentication process:
Overview of Agent Authentication mechanism in Security Manager.
How the Agent and Consolidator exchange keys using an initialize, rekey, and reinitialize process?
How can I validate and examine the information for authenticated agents?
How can I troubleshoot and resolve errors with Agent Authentication failures?