Directly contact our Support Team

GravityZone Communication Ports

Bitdefender GravityZone is a highly scalable and integrated security management solution capable of protecting from hundreds to millions of virtual or physical desktops, servers and mobile devices.
GravityZone manages all Bitdefender's Enterprise Security Solutions within Control Center - a web-based console that provides control, reporting and alerting services for various roles within the organization.

The following table provides information on the ports used by the GravityZone components:

   

Component   Direction   Port   Source / Destination   Description
Web Console   Inbound   80 (HTTP)   Any   Access to the Control Center web console, redirect to 443
443 (HTTPS) Any Access to the Control Center web console
  Outbound   27017
  GravityZone Database Server   Access to the GravityZone Database
  389   Domain Controller   Active Directory integration
  443   vShield Manager   vShield Manager integration
  443   Hypervisor   SVA remote deployment
  443   my.bitdefender.com   My Bitdefender account integration
  443   lv2.bitdefender.com   License validation
  7074   Update Server   Downloading updates
  Both   4369, 6150
  GravityZone Appliance   RabbitMQ communication between all the nodes of the GravityZone management cluster.
  39682   Web Console   Web Console to Web Console communication on distributed roles
Communication Server   Inbound   8443   Any   Management Traffic - Security Server Agent, Mobile Client management
  Outbound   27017   GravityZone Database Server   Access to the GravityZone Database
    5228, 5229, 5230   Google Cloud Messaging   Push notifications to Android devices
    2195, 2196, 5223   Apple Push Notification service   Push notifications to iOS devices. For more information, refer to this Apple KB article.
    7074   Update Server   Downloading updates
  Both   4369, 6150
  GravityZone Appliance   RabbitMQ communication between all the nodes of the GravityZone management cluster.
    8080, 8082   Windows XP / Windows Server 2003   Communication with the GravityZone Appliance for normal and silent deployment
Database Server   Inbound   27017   GravityZone Database Server   Access to the GravityZone Database
  Outbound   7074   Update Server   Downloading updates
Update Server   Inbound   7074   Any   Ports used to allow communication between Control Center and Communication Server.
  Outbound   80
  upgrade.bitdefender.com   Publishing updates
  download.bitdefender.com   Downloading updates
  7074   Other local update server (optional)   Downloading updates
  7075   Outside proxy servers (if configured)
download.bitdefender.com
upgrade.bitdefender.com
lv2.bitdefender.com
mybitdefender.com
  Handles communication between GravityZone services and the outside world.
All roles of the GravityZone VA   Outbound   123   Network Time Protocol server   Time synchronization between all GravityZone appliances. The NTP service synchronizes by default with ntp.pool.org. The NTP server address can also be changed from Control Center user interface.
Endpoint Security BEST   Outbound   80   submit.bitdefender.com   Port used for submitting endpoint dumps in case of crashes.
  upgrade.bitdefender.com   The official Bitdefender update server
  lv2.bitdefender.com   License validation
    7074   Update Server   Downloading updates from Update Server
      Endpoint Security/BEST Relay (if available)   Downloading installation packages in the deployment phase from Endpoint Security/BEST Relay
Communication messages received from endpoints linked to Endpoint Security/BEST Relay
7076 Bitdefender Cloud Servers:
avc-fu.nimbus.bitdefender.net
nimbus.bitdefender.net/elam/blob
elam-fu.nimbus.bitdefender.net/submission
nimbus.bitdefender.net
Encrypted communication messages (when Endpoint Security/BEST Relay is used as a proxy)
8080, 8082, 8443 Communication Server Link between Endpoint Security/BEST and Communication Server
Downloading installation packages during deployment  (Setup Downloader)
443 Web Server Downloading installation packages during deployment  (Setup Downloader)
avc-fu.nimbus.bitdefender.net Antimalware behavior scanning with Bitdefender Cloud Servers
nimbus.bitdefender.net/elam/blob Early Launch Anti-Malware (ELAM) cloud server
elam-fu.nimbus.bitdefender.net/submission Submission to Bitdefender cloud servers of unrecognized applications by Early Launch Anti-Malware (ELAM) module
nimbus.bitdefender.net Antimalware, antiphishing and content control scanning with Bitdefender Cloud Servers
7081   Security Server   Antimalware scanning with Security Server
    7083   Security Server   Antimalware scanning with Security Server when using SSL traffic encryption
  Inbound   N/A   N/A   N/A
Endpoint Security/BEST Relay   Outbound   80   submit.bitdefender.com   Port used for submitting endpoint dumps in case of crashes.
  upgrade.bitdefender.com   The official Bitdefender update server
  lv2.bitdefender.com   License validation
7074   Update Server   Downloading updates from Update Server
  Endpoint Security/BEST Relay* (if available)   Downloading installation packages in the deployment phase from Endpoint Security/BEST Relay
Communication messages received from endpoints linked to Endpoint Security/BEST Relay
7076   Bitdefender Cloud Servers:
avc-fu.nimbus.bitdefender.net
nimbus.bitdefender.net/elam/blob
elam-fu.nimbus.bitdefender.net/submission
nimbus.bitdefender.net
  Encrypted communication messages received from endpoints linked to Endpoint Security/BEST Relay
7081   Security Server   Antimalware scanning with Security Server
7083   Security Server   Antimalware scanning with Security Server when using SSL traffic encryption
8080, 8082, 8443   Communication Server   Link between Endpoint Security/BEST Relay and Communication Server
Downloading installation packages during deployment  (Setup Downloader)
443   Web Server   Downloading installation packages during deployment  (Setup Downloader)
  avc-fu.nimbus.bitdefender.net   Antimalware behavior scanning with Bitdefender Cloud Servers
  nimbus.bitdefender.net/elam/blob   Early Launch Anti-Malware (ELAM) cloud server
  elam-fu.nimbus.bitdefender.net/submission   Submission to Bitdefender cloud servers of unrecognized applications by Early Launch Anti-Malware (ELAM) module
  nimbus.bitdefender.net   Antimalware, antiphishing and content control scanning with Bitdefender Cloud Servers
Inbound   7074   Endpoint Security, BEST   Communication messages (such as settings and events) received from endpoints linked to Endpoint Security/BEST Relay
  7076   Bitdefender Cloud Servers:
avc-fu.nimbus.bitdefender.net
nimbus.bitdefender.net/elam/blob
elam-fu.nimbus.bitdefender.net/submission
nimbus.bitdefender.net
  Encrypted communication messages received from endpoints linked to Endpoint Security/BEST Relay
Bitdefender Tools for Virtualized Environments Integrated with vShield   Outbound   48651   Security Server   Antimalware traffic scanning sent by vShield driver
    8443   Communication Server   Link between Bitdefender Tools (for Linux) and Communication Server
  Inbound   N/A   N/A   N/A
Security Server for Virtualized Environments Integrated with vShield   Outbound   7074   Update Server   Downloading updates from Update Server
8443   Communication Server   Antimalware traffic scanning sent by vShield driver
  Inbound   48651   Any   Linux virtual machines traffic scanning
  48652   Any   Communication between the hypervisor and Security Server
Bitdefender Tools for Virtualized Environments (Multi-Platform)   Outbound   7081   Security Server   Antimalware scanning with Security Server
  7083   Security Server   Antimalware scanning with Security Server when using SSL traffic encryption
  8443   Communication Server   Communication between Bitdefender Tools and Communication Server
Downloading installation packages during deployment
  7074   Update Server   Downloading updates
  443   Web Server   Downloading installation packages during deployment (Setup Downloader)
  80   nimbus.bitdefender.net   Antimalware scanning with Bitdefender Cloud Servers
  Inbound   N/A   N/A   N/A
Security Server for Virtualized Environments (Multi-Platform)   Outbound   7074
  Update Server   Downloading updates from Update Server
  8443   Communication Server   Link between Security Server and Communication Server
  Inbound   7081   Any   Antimalware traffic scanning sent by Bitdefender Tools / BEST
  7083   Any   Antimalware traffic scanning sent by Bitdefender Tools / BEST over SSL
GravityZone Mobile Client   Outbound   8443   Communication Server   Mobile Client management
  Inbound   N/A   N/A   N/A


* Since the relay is an update server that needs to listen all the time on a port, Bitdefender provides a mechanism able to automatically open a random port on localhost (127.0.0.1), so that the update server can receive proper configuration details. This mechanism applies when the default port 7074 is used by another application. In this case, the update server tries to open the 7075 port to listen on localhost. If 7075 port is also unavailable, the update server will search for another port that is free (in range of 1025 to 65535) and successfully bind to listen on localhost.

Can't find a solution for your problem? Open an email ticket and we will answer the question or concern in the shortest time possible.

Rate this article:

Submit