ADDM Network Traffic

Scanning Appliance Discovery Communication

Represented by violet arrows in Physical Architecture diagram in section 8.1.1.
portprotocolsourcepurpose
N/A ICMP S,P ping
4 UDP,TCP S closed port check
22 TCP S secure shell access on UNIX hosts
80 TCP (HTTP)S fetch HTTP banners
135 UDP,TCP S detect Windows RPC
161 UDP (SNMP)S SNMP get operations
443 TCP (HTTPS)S fetch HTTP banners
and vCenter
902 TCP (vSphere)S retrieve standalone ESX/ESXi Host details
5122 TCP S alternate secure shell access on some UNIX hosts


Windows Proxy Discovery Communication

Represented by green arrows in Physical Architecture diagram in section 8.1.1.
portprotocolsourcepurpose
N/A ICMP S,P ping
135 UDP,TCP P DCE RPC endpoint management,
DCOM service control
(if have old-style domains then also port 139)
445 UDP,TCP P Directory Services SMB
5100 to 6000UDP,TCPP Restricted DCOM data sessions


Component System Communication

portprotocolsourcepurpose
22 TCP I SSH. All Machines
25 TCP (SMTP)I Email alerting for a future phase. All Machines
53 UDP O DNS. All Machines
389 TCP O LDAP Proxy Windows authentication
123 UDP O NTP. All Machines
443 TCP I All Machines
636 TCP O LDAPS. All Machines
3389 TCPI RDP access to Proxy host
4321 TCP (CORBA)I AD Proxy Service, RES domain. From scanners.
4331 TCP (CORBA)I AD Proxy Service, SUC domain. From scanners.
46262TCP O CMDB Sync. Out from syncing machines to all RoD CMDBs.


abbreviationvalue
SScanning machine
PWindows Proxy
OOutgoing component System comm
IIncoming component System comm