Go Up
You are here: DeploymentAppendixProtocols and Ports Required for Netwrix AuditorNetwrix Auditor Server

Protocols and Ports Required for Netwrix Auditor Server

During installation, Netwrix Auditor automatically creates inbound Windows Firewall rules for the essential ports required for the product to function properly. If you use a third-party firewall, make sure to allow inbound connections to local ports on the target and outbound connections to remote ports on the source.

Tip for reading the table: For example, on the computer where Netwrix Auditor client is installed (source), allow outbound connections to remote 135 TCP port. On the computer where Netwrix Auditor Server resides (target), allow inbound connections to local 135 TCP port.

Port Protocol Source Target Purpose

135

TCP

Computer where Netwrix Auditor client is installed

Netwrix Auditor Server

Netwrix Auditor remote client console

9004

TCP

Monitored computers

Netwrix Auditor Server

Core services responsible for user activity monitoring

9011

TCP

Computers where Netwrix Auditor for Windows Server Compression Services reside

Netwrix Auditor Server

Network traffic compression and interaction with hubs and services

9699

TCP

Script / query host

Netwrix Auditor Server

Netwrix Auditor Integration API

Dynamic:

1024 -65535

TCP

Computers where Netwrix Auditor Server and Netwrix Auditor client are installed

Netwrix Auditor Server

Netwrix Auditor internal components interaction.

Allow C:\Program Files (x86)\Netwrix Auditor\Audit Core\NwCoreSvc.exe to use the port.

Go Up