Directly contact our Support Team

GravityZone Communication Ports

The following table provides information on the ports that GravityZone components use for communication.
You need to have these ports open and to exclude all addresses mentioned in this table from any gateway security solution or network packet inspection so that GravityZone functions flawlessly.

Component Direction Port Source / Destination Description
Web Console
(Control Center)
Inbound 80 (HTTP) Any Access to the Control Center web console, redirect to 443
443 (HTTPS) Any Access to the Control Center web console
Outbound 27017 GravityZone Database Server Access to the GravityZone Database
123 Network Time Protocol (NTP) server Time synchronization between all GravityZone appliances. The NTP service synchronizes by default with ntp.pool.org. The NTP server address can also be changed from Control Center user interface.
389 (LDAP) Active Directory Domain Controller Active Directory integration
636 (LDAPS)
3268 Domain Controller Global Catalog
3269
443 NSX Manager VMware NSX Manager integration
vCenter Server

Communication between GravityZone and vCenter Server

my.bitdefender.com My Bitdefender account integration
lv2.bitdefender.com License validation
7074 GravityZone Update Server Downloading updates
7075
9440 Nutanix Prism Element Nutanix Prism Element integration
Both 22 GravityZone virtual appliances Internal communication between GravityZone virtual appliances in the management cluster

4369, 5672, 6150

GravityZone virtual appliances RabbitMQ communication between the GravityZone appliances in the management cluster
32002  Web Console Communication between Web Console instances when this role is distributed
Communication Server Inbound 8443 Any Traffic management from/to Security Server, Security Agent, Mobile Client
8080 Agent running on Windows XP / Windows Server 2003 Communication between the GravityZone appliance and Security Agent.
Outbound 123 Network Time Protocol (NTP) server Time synchronization between all GravityZone appliances. The NTP service synchronizes by default with ntp.pool.org. The NTP server address can also be changed from Control Center user interface.
27017 GravityZone Database Server Access to the GravityZone Database
5228, 5229, 5230 Firebase Cloud Messaging Push notifications to Android devices
2195, 2196, 5223 Apple Push Notification service Push notifications to iOS devices. For more information, refer to this Apple KB article.
7074 GravityZone Update Server Downloading updates from the local Update Server
7075
Both 22 GravityZone virtual appliances Internal communication between GravityZone virtual appliances in the management cluster

4369,
5672, 6150

GravityZone virtual appliances RabbitMQ communication between the GravityZone appliances in the management cluster
Database Server Inbound 27017 GravityZone Database Server Access to other GravityZone database instances and replica set members.
Outbound 7074 Update Server Downloading updates
7075
123 Network Time Protocol (NTP) server Time synchronization between all GravityZone appliances. The NTP service synchronizes by default with ntp.pool.org. The NTP server address can also be changed from Control Center user interface.
Both 22 GravityZone virtual appliances Internal communication between GravityZone virtual appliances in the management cluster
Update Server Outbound 80 upgrade.bitdefender.com Downloading updates from the online Bitdefender Update Servers (the official repository)
download.bitdefender.com Downloading installation kits
123 Network Time Protocol (NTP) server Time synchronization between all GravityZone appliances. The NTP service synchronizes by default with ntp.pool.org. The NTP server address can also be changed from Control Center user interface.
443 upgrade.bitdefender.com Publishing updates
download.bitdefender.com Downloading updates
nimbus.bitdefender.net Antimalware, antiphishing and content control scanning with Bitdefender Global Protective Network
53 *.v1.bdnsrt.org DNS requests for signature update checks
Both 22 GravityZone virtual appliances Internal communication between GravityZone virtual appliances in the management cluster
7074 GravityZone Update Server Downloading updates
7075 Outside proxy servers (if configured) download.bitdefender.com upgrade.bitdefender.com lv2.bitdefender.com
mybitdefender.com
Handles communication between GravityZone services and the outside world
7077 Any Staging Update Server communication.
Report Builder Database Inbound 27017 Report Builder Processors Listening for requests
Outbound 123 Network Time Protocol (NTP) server Time synchronization between all GravityZone appliances. The NTP service synchronizes by default with ntp.pool.org. The NTP server address can also be changed from Control Center user interface.
7074 GravityZone Update Server Downloading updates
7075
Both 22 SSH Server Internal communication between GravityZone virtual appliances in the management cluster
Report Builder Processors Inbound 6379 Communication Server Listening for requests
Outbound 27017 GravityZone Report Builder Database Access to the Report Builder Database
123 Network Time Protocol (NTP) server Time synchronization between all GravityZone appliances. The NTP service synchronizes by default with ntp.pool.org. The NTP server address can also be changed from Control Center user interface.
Both 80 Web Console Access to Web Console, redirect HTTP request to port 443; Listening for requests
443 Web Console Access to Web Console; Listening for requests
22 SSH Server Internal communication between GravityZone virtual appliances in the management cluster
Security Agent (BEST, BEST Legacy, Endpoint Security, Endpoint Security for Mac) Outbound 80 submit.bitdefender.com Port used for submitting endpoint dumps in case of crashes.
upgrade.bitdefender.com Downloading updates from the online Bitdefender Update Servers (the official repository)
lv2.bitdefender.com License validation
53 *.v1.bdnsrt.org DNS requests for signature update checks
7074 GravityZone Update Server Downloading updates from GravityZone Update Server
Relay (if available) Downloading installation packages in the deployment phase from the Relay
Communication messages received from endpoints linked to the Relay
7076 Bitdefender Global Protective Network:
nimbus.bitdefender.net
Encrypted communication messages (when the Relay is used as a proxy)
8080, 8443 Communication Server Link between the Security Agent and Communication Server
Downloading installation packages during deployment  (Setup Downloader)
443 Web Server Downloading installation packages during deployment  (Setup Downloader)
upgrade.bitdefender.com Downloading updates from the online Bitdefender Update Servers (the official repository) over an encrypted channel
Sandbox Analyzer Portal:
sandbox-portal.gravityzone.bitdefender.com sandbox-portal-us.gravityzone.bitdefender.com
Communication between the feeding sensor and the virtual machines from Sandbox Analyzer Cluster on which the sample is detonated.
nimbus.bitdefender.net Antimalware, antiphishing and content control scanning with Bitdefender Global Protective Network
7081 Security Server Antimalware scanning with Security Server
7083 Security Server Antimalware scanning with Security Server when using SSL traffic encryption
Relay Agent Inbound 7074 Security Agent Communication messages (such as settings and events) received from endpoints linked to the Relay
7076 Security Agent Encrypted communication messages proxied from connected endpoints to Bitdefender Global Protective Network:
nimbus.bitdefender.net
Outbound
80 submit.bitdefender.com Port used for submitting endpoint dumps in case of crashes.
upgrade.bitdefender.com Downloading updates from the online Bitdefender Update Servers (the official repository)
lv2.bitdefender.com License validation
53 *.v1.bdnsrt.org DNS requests for signature update checks
7074 Update Server Downloading updates from GravityZone Update Server
Relay* (if available) Downloading installation packages in the deployment phase from another Relay
Communication messages received from endpoints linked to the Relay
7076
Bitdefender Global Protective Network: nimbus.bitdefender.net
Encrypted communication messages received from endpoints linked to the Relay Agent
7081 Security Server Antimalware scanning with Security Server
7083 Security Server Antimalware scanning with Security Server when using SSL traffic encryption
8080, 8443 Communication Server Link between the Relay Agent and Communication Server
Downloading installation packages during deployment  (Setup Downloader)
443 Web Server Downloading installation packages during deployment  (Setup Downloader)

upgrade.bitdefender.com

Downloading updates from the online Bitdefender Update Servers (the official repository) over an encrypted channel
nimbus.bitdefender.net/elam/blob Early Launch Anti-Malware (ELAM) cloud server
nimbus.bitdefender.net Antimalware, antiphishing and content control scanning with Bitdefender Global Protective Network
Bitdefender Tools (vShield) Outbound 48651 Security Server Antimalware traffic scanning sent by vShield driver
8443 Communication Server Link between Bitdefender Tools (for Linux) and Communication Server
Security Server (vShield) Inbound 48652 Any Communication between the hypervisor and Security Server
6379 Security Server Allows traffic between Security Servers.
Outbound 7074 Update Server Downloading updates from GravityZone Update Server
8443 Communication Server Antimalware traffic scanning sent by vShield driver
443 upgrade.bitdefender.com Fallback for downloading updates from the Bitdefender Update Servers (the official repository) over an encrypted channel
80 upgrade.bitdefender.com Fallback for downloading updates from the Bitdefender Update Servers (the official repository)
Security Server (VMware NSX-T / NSX-V) Inbound 48652 Guest Introspection driver Communication between the hypervisor and Security Server
6379 Security Server Allows traffic between Security Servers.
22 SSH Server Allows remote SSH connections and file downloading from the Security Server quarantine.
Outbound 7074 Update Server Downloading updates from Update Server
80 upgrade.bitdefender.com Fallback for downloading updates from the Bitdefender Update Servers (the official repository)
download.bitdefender.com Downloading installation kits
443 upgrade.bitdefender.com Fallback for downloading updates from the Bitdefender Update Servers (the official repository) over an encrypted channel
download.bitdefender.com Downloading updates
8443 Communication Server Link between Security Server and Communication Server
6379 Security Server Allows traffic between Security Servers.
Bitdefender Tools (Multi-Platform) Outbound 7081 Security Server Antimalware scanning with Security Server
7083 Security Server Antimalware scanning with Security Server when using SSL traffic encryption
8443 Communication Server Communication between Bitdefender Tools and Communication Server
Downloading installation packages during deployment
7074 Update Server Downloading updates
443 Web Server Downloading installation packages during deployment (Setup Downloader)
80 nimbus.bitdefender.net Antimalware scanning with Bitdefender Global Protective Network
Security Server (Multi-Platform) Inbound 1344 Any Communication between NAS devices compliant with ICAP and Security Server
7081 Any Antimalware traffic scanning sent by Security Agent
7083 Any Antimalware traffic scanning sent by Security Agent over SSL
6379 Security Server Allows traffic between Security Servers.
Outbound 443 nimbus.bitdefender.net/katastif/manager Anonymized information regarding violations detected by Bitdefender HVI
upgrade.bitdefender.com Fallback for downloading updates from the online Bitdefender Update Servers (the official repository) over an encrypted channel
download.bitdefender.com Downloading updates
nimbus.bitdefender.net Periodical verification of antimalware detections with Bitdefender Global Protective Network
7074 Update Server Downloading updates from GravityZone Update Server
8443 Communication Server Link between Security Server and Communication Server
80 upgrade.bitdefender.com Fallback for downloading updates from the Bitdefender Update Servers (the official repository)
download.bitdefender.com Downloading installation kits
Network Sensor VA Outbound 443 Sandbox Analyzer Portal: sandbox-portal.gravityzone.bitdefender.com Communication between the feeding sensor and the virtual machines on which the sample is detonated.
GravityZone Mobile Client Outbound 8443 Communication Server Mobile Client management
443 nimbus.bitdefender.net Antimalware and web security scanning with Bitdefender Global Protective Network (Android devices only)
my.bitdefender.com License validation (Android devices only)
Secure VPN Cluster Both 4500 (UDP) GravityZone virtual appliances Used for NAT traversal mode
500 (UDP) GravityZone virtual appliances Allows Internet Security Association and Key Management Protocol (ISAKMP) traffic between GravityZone virtual appliances using the IPsec tool.


* Since the relay is an update server that needs to listen all the time on a port, Bitdefender provides a mechanism able to automatically open a random port on localhost (127.0.0.1), so that the update server can receive proper configuration details. This mechanism applies when the default port 7074 is used by another application. In this case, the update server tries to open the 7075 port to listen on localhost. If 7075 port is also unavailable, the update server will search for another port that is free (in range of 1025 to 65535) and successfully bind to listen on localhost.

Can't find a solution for your problem? Open an email ticket and we will answer the question or concern in the shortest time possible.

Rate this article:

Submit