Protocols and Ports Required for Monitoring File Servers
Review a full list of protocols and ports required for Netwrix Auditor for File Servers.
- Allow outbound connections from the dynamic (1024 - 65535) local port on the computer where Netwrix Auditor Server resides.
- Allow outbound connections to remote ports on the source and inbound connections to local ports on the target.
Tip for reading the table: For example, on the computer where Netwrix Auditor Server resides (source), allow outbound connections to remote 389 TCP port. On domain controllers in your domain (target), allow inbound connections to local 389 TCP port.
| Port | Protocol | Source | Target | Purpose |
|---|---|---|---|---|
| Windows File Servers | ||||
|
389 |
TCP/UDP |
Netwrix Auditor Server |
Domain controllers |
LDAP DC query Account resolve |
|
135 + Dynamic: 1024 -65535 |
TCP |
Netwrix Auditor Server |
Monitored computer |
Windows Management Instrumentation Firewall configuration Core Service communication |
|
135 and 137 through 139 |
TCP |
Netwrix Auditor Server |
Monitored computer |
Service Control Manager Remote Protocol Core Service installation |
|
445 |
TCP |
Netwrix Auditor Server |
Monitored computer |
SMB 2.0/3.0 |
|
3268 |
TCP |
Netwrix Auditor Server |
Domain controllers |
LDAP Group membership GC search |
| EMC Isilon | ||||
|
8080 |
TCP |
Netwrix Auditor Server |
Isilon cluster |
HTTPS Used to connect to the Isilon Management Server |
| Nutanix File Server | ||||
|
9898 |
TCP |
Nutanix File Server |
Netwrix Auditor Server |
Used to listen to notifications on operations with Nutanix file shares. |