Default ports used by Security Center 5.11
Familiarize yourself with the default network ports that must be opened to allow proper communication between the core systems and modules of Security Center.
Information about firewalls
During the Security Center installation, you are given the option of allowing Security Center to create firewall rules for its applications. If you select this option, all Security Center applications are added as exceptions to the internal Windows firewall. However, you still must ensure that all the ports used by Security Center are open on your network.Ports used by core applications in Security Center
The following table lists the default network ports that must be opened to allow proper communication between the core applications and services in Security Center.
For a visual representation of the ports, see the Security Center Network Diagram - Platform.
Port usage | Inbound port | Outbound port | Protocol | Executable file |
---|---|---|---|---|
Directory | ||||
Client and server connections | TCP 5500 | TCP 5500 | TLS 1.2 | SecurityDesk.exe ConfigTool.exe |
Config Tool | ||||
Genetec™ Server/Directory communication | TCP 5500 | TLS 1.2 | GenetecServer.exe | |
Map download requests to Map Manager | TCP 8012 | HTTPS | GenetecMapManager.exe | |
|
TCP 443 | HTTPS TLS 1.2 |
ConfigTool.exe | |
Security Desk | ||||
Genetec™ Server/Directory communication | TCP 5500 | TLS 1.2 | GenetecServer.exe | |
Map download requests to Map Manager | TCP 8012 | HTTPS | GenetecMapManager.exe | |
Authentication role communication | TCP 443 | HTTPS TLS 1.2 |
SecurityDesk.exe | |
SDK | ||||
Genetec™ Server/Directory communication | TCP 5500 | TLS 1.2 | GenetecServer.exe | |
Map download requests to Map Manager | TCP 8012 | HTTPS | GenetecMapManager.exe | |
All roles | ||||
Genetec™ Server/Directory communication NOTE: Previously port 4502. If port 4502 was
the server port before upgrading from 5.3 or earlier, 4502 remains the
server port after the upgrade.
|
TCP 5500 | TCP 5500 | Genetec Inc. proprietary protocol | GenetecServer.exe |
REST/Server Admin communication1 | TCP 80 | TCP 80 | HTTP | GenetecInterface.exe |
Secured REST/Server Admin/Authentication role communication1 | TCP 443 | TCP 443 | HTTPS | GenetecInterface.exe |
Outgoing connections to the SQL Database Engine hosted on another
server. Only required for roles that must connect to a database on another server. Not required if SQL Server is running on the same machine or if the role has no database. |
TCP 1433 | Microsoft Tabular Data Stream Protocol (TDS) | Role-dependent | |
Outgoing connections to the SQL Server Browser service for SQL Server
connection information. Only required for roles that must connect to a named database instance on another server. Not required for roles configured to connect to their database using a specific port. |
UDP 1434 | Microsoft SQL Server Resolution Protocol (SSRP) | Role-dependent | |
Map Manager | ||||
Requests for map download from client applications1 | TCP 8012 | HTTPS | GenetecMapManager.exe | |
Mobile Server | ||||
Communication from mobile clients | TCP 443 | HTTPS | GenetecMobileRole.exe GenetecMobileAgent.exe |
|
Communication from Archiver for video streaming and storage | TCP 9000-10000 | HTTP | GenetecMobileRole.exe GenetecMobileAgent.exe |
|
Record Caching Service | ||||
REST/Server Admin communication1 | TCP 80 | TCP 80 | HTTP | GenetecIngestion.exe |
Secured REST/Server Admin/Authentication role communication1 | TCP 443 | TCP 443 | HTTPS | GenetecIngestion.exe |
Unit Assistant | ||||
Communication with Archiver roles | TCP 5500 | TCP 5500 | Genetec Inc. proprietary protocol | GenetecUnitAssistantRole.exe |
Wearable Camera Manager | ||||
Configurable in the UI | TCP 48830 | Genetec Clearance™ protocol | GenetecBwcManagerRole.exe | |
Configurable in a config file | TCP 48831, 48832, 48833 | Clearance protocol | GenetecBwcAgentService.exe | |
Web Server | ||||
Initial connection between server hosting Web Server role and browser
used for Web Client NOTE: Redirected to HTTPS port after initial
connection.
|
TCP 80 | TCP 80 | HTTP | GenetecWebClient.exe |
|
TCP 443 | TCP 443 | HTTPS | GenetecWebClient.exe |
Web Client video requests to Media Gateway | TCP 443 | HTTPS | GenetecWebClient.exe | |
Genetec Web App video requests to Media Gateway | TCP 443 | HTTPS | Genetec.WebApp.Console.exe | |
Genetec™ Update Service (GUS) | ||||
GUS Sidecar requires port TCP 4596 to communicate with the GUS on the same machine. Sidecar ports are not used outside of the local machine. | N/A | GenetecUpdaterService.Sidecar.exe | ||
Deprecated. Formerly used to access the GUS web page. Redirects to TCP 4595 in the latest GUS version1 | TCP 4594 | N/A | GenetecUpdateService.exe | |
Secure communication with the GUS web page, and other GUS servers1 | TCP 4595 | TCP 4595 | HTTPS | GenetecUpdateService.exe |
Communication with Microsoft Azure and Genetec Inc.1 | TCP 443 | TCP 443 | HTTPS | GenetecUpdateService.exe GenetecUpdaterService.Sidecar.exe |
SQL Server | ||||
Incoming connections to the SQL Database Engine from roles on other servers | TCP 1433 | Microsoft Tabular Data Stream Protocol (TDS) | sqlservr.exe | |
Incoming connections to the SQL Server Browser service for SQL Server connection information | UDP 1434 | Microsoft SQL Server Resolution Protocol (SSRP) | sqlbrowser.exe | |
System Availability Monitor Agent (SAMA) | ||||
Legacy port for communication with Security Center servers1 | TCP 4592 | HTTP | Genetec.HealthMonitor.Agent.exe | |
Communication with Security Center servers1 | TCP 443 | HTTPS | Genetec.HealthMonitor.Agent.exe | |
Connection to the Health Service in the Cloud1 | TCP 443 | HTTPS | Genetec.HealthMonitor.Agent.exe |
1 These ports use Windows System components to handle HTTP requests. Microsoft components using http.sys require the following rule: dir="in" protocol="6" lport="<SPECIFY PORT USED HERE: CAN BE 80, 443, or CUSTOM>" binary="System".
Ports used by AutoVu applications in Security Center
The following tables lists the default network ports that must be opened to allow proper communication between Security Center and external AutoVu™ components when AutoVu is enabled in your system.
For a visual representation of the ports, see the Security Center Network Diagram - ALPR.
Port usage | Inbound port | Outbound port | Protocol | Executable file |
---|---|---|---|---|
Sharp unit | ||||
SSH port for SharpOS 14 (optional) | TCP 22 | HTTP | Sharp unit | |
Video port (Security Center extension HTTP) Communication port (HTTP for SharpOS 12.7 and lower) |
TCP 80 | HTTP | Sharp unit | |
Secure port (LPM protocol, video, Genetec protocol) | TCP 443 | HTTPS | Sharp unit | |
RTSP video requests | TCP 554 UDP 554 |
RTSP | Sharp unit | |
Appliance discovery service | UDP 2728 | UDP | Sharp unit | |
RDP access port (optional) | TCP 3389 | TCP | Sharp unit | |
Silverlight ports and image feed service (for Sharp models earlier than SharpV) | TCP 4502-4534 | HTTP | Sharp unit | |
Control port (Mobile installation) | TCP 4545 | HTTP | Sharp unit | |
Discovery port | UDP 5000 | UDP | Sharp unit | |
Control port (Fixed installation) | TCP 8001 | HTTP | Sharp unit | |
Cloud (PIP) | TCP 443 | PIP | Sharp unit | |
Syslog (on demand) | UDP 514 | Sharp unit | ||
LPM protocol communication | TCP 10001 | HTTPS | Sharp unit | |
Extensions | ||||
FTP file upload. Only used when the FTP extension is configured. | TCP 21 | FTP | Sharp unit | |
HTTP file upload. Only used when the HTTP extension is configured. | Any port | HTTP\HTTPS | Sharp unit | |
ALPR Manager | ||||
Genetec Patroller™ communication and fixed Sharp units (not used for LPM protocol connections) | TCP 8731 | HTTP | GenetecLicensePlateManager.exe | |
LPM protocol listening port | TCP 10001 | HTTPS | GenetecLicensePlateManager.exe | |
Secure communication port for DataExporter | TCP 443 | HTTPS | GenetecLicensePlateManager.exe | |
Fixed Sharp unit discovery | UDP 5000 | N/A | GenetecLicensePlateManager.exe | |
RabbitMQ communication port when used by DataExporter (optional) | TCP 5671 | HTTPS | GenetecLicensePlateManager.exe | |
Sharp control port (used for Live connections, not LPM protocol connections) | TCP 8001 | HTTP | GenetecLicensePlateManager.exe | |
Communication with Pay-by-Plate Sync plugin | TCP 8787 | HTTP | GenetecLicensePlateManager.exe | |
TCP 8788 | HTTPS | GenetecLicensePlateManager.exe | ||
Archiver1 | ||||
Default Media Router RTSP port | TCP 554 | RTSP | GenetecArchiverAgent32.exe | |
Default Archiver port | TCP 555 | RTSP | GenetecArchiverAgent32.exe | |
Patroller (in-vehicle computer) | ||||
Communication with mobile Sharp units | TCP 4545 | HTTP | Patroller.exe | |
Time synchronization service for Sharp units | TCP 4546 | SNTP | Patroller.exe | |
Communication with Simple Host | TCP 8001 | HTTP | Patroller.exe | |
Communication with Pay-by-Plate Sync plugin | TCP 8787 | HTTP | Patroller.exe | |
Communication with Curb Sense and Plate Link | TCP 443 | HTTPS | Patroller.exe | |
Communication with mobile Sharp units | TCP 4545 | HTTPS | Patroller.exe | |
Sharp camera discovery | UDP 5000 | UDP | Patroller.exe PatrollerConfigTool.exe |
|
ALPR Manager connection | TCP 8731 | HTTP and message-level encryption | Patroller.exe | |
Pay-by-Plate Sync | ||||
Communication with Free-Flow and Patroller | TCP 8787 | HTTP | GenetecPlugin.exe for Pay-by-Plate Sync | |
Secure communication with Free-Flow | TCP 8788 | HTTPS | GenetecPlugin.exe for Pay-by-Plate Sync | |
Communication with Free-Flow and Patroller | TCP 8787 | HTTP | GenetecPlugin.exe for ALPR Manager | |
Secure communication with Free-Flow | TCP 8788 | HTTPS | GenetecPlugin.exe for ALPR Manager |
1 You can also add a SharpV to Security Center as a standard video unit using separate Archiver and Media Router roles. For more information on adding a video unit, see Ports used by Omnicast applications in Security Center.
Ports used by Omnicast applications in Security Center
The following table lists the default network ports that must be opened to allow proper communication between Security Center and external IP video devices when Omnicast™ is enabled in your system.
For a visual representation of the ports, see the Security Center Network Diagram - Video.
.
Port usage | Inbound port | Outbound port | Protocol | Executable file |
---|---|---|---|---|
Archiver | ||||
Communication with Cloud Storage | TCP 804, 4434 | HTTPS TLS 1.2 |
GenetecArchiverAgent32.exe | |
Communication between the Archiver and the Media Router to announce content | TCP 554 | RTSP over TLS when secure communication enabled | GenetecArchiverAgent32.exe | |
Live and playback stream requests | TCP 5551 | RTSP over TLS when secure communication enabled | GenetecArchiverAgent32.exe | |
Edge playback stream requests | TCP 6051 | RTSP | GenetecVideoUnitControl32.exe | |
Mobile device streaming through the Mobile Server | TCP 9000-10000 | HTTP | GenetecVideoUnitControl32.exe | |
Communication between the primary Archiver and failover servers | TCP 5500 | TCP 5500 | TLS 1.2 | GenetecArchiver.exe GenetecArchiverAgent32.exe GenetecVideoUnitControl32.exe |
Telnet console connection requests | TCP 56021 | Telnet | GenetecArchiverAgent32.exe | |
Audio from client applications | UDP 6000-6500 | RTP | GenetecVideoUnitControl32.exe | |
Live unicast streaming from IP cameras | UDP 15000–199992 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecVideoUnitControl32.exe | |
Live video and audio multicast streaming | UDP 47806, 47807 | UDP 47806, 47807 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecArchiverAgent32.exe GenetecVideoUnitControl32.exe |
Vendor-specific ports for cameras | TCP & UDP | TCP Common ports include:
|
|
GenetecVideoUnitControl32.exe |
Redirector | ||||
Live and playback stream requests | TCP 560 | RTSP over TLS when secure communication enabled | GenetecRedirector.exe | |
Communication with Media Router (Security Center Federation™) | TCP 554 | RTSP over TLS when secure communication enabled | GenetecRedirector.exe | |
Communication with Archiver | TCP 555 | RTSP over TLS when secure communication enabled | GenetecRedirector.exe | |
Communication with Auxiliary Archiver | TCP 558 | RTSP over TLS when secure communication enabled | GenetecRedirector.exe | |
Cloud playback requests | TCP 5704 | RTSP over TLS when secure communication enabled | GenetecRedirector.exe | |
Edge playback stream requests | TCP 605 | RTSP over TLS when secure communication enabled | GenetecRedirector.exe | |
Communication with Privacy Protector™ | TCP 754 | RTSP over TLS when secure communication enabled | GenetecRedirector.exe | |
Stream requests to other redirectors | TCP 560 | RTSP over TLS when secure communication enabled | GenetecRedirector.exe | |
Media transmission to client applications | TCP 9603 | UDP 6000-6500 TCP 9603 |
SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecRedirector.exe |
Media transmission to other redirectors | UDP 8000–12000 | UDP 8000–12000 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecRedirector.exe |
Live video and audio multicast streaming | UDP 47806, 47807 | UDP 47806, 47807 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecRedirector.exe |
Live video multicast streaming (Security Center Federation™) | UDP 65246 | UDP 65246 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecRedirector.exe |
Auxiliary Archiver | ||||
Live and playback stream requests | TCP 558 | RTSP over TLS when secure communication enabled | GenetecAuxiliaryArchiver.exe | |
Unicast media streams | UDP 6000-6500 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecAuxiliaryArchiver.exe | |
Live video and audio multicast streaming | UDP 47806, 47807 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecAuxiliaryArchiver.exe | |
Live video multicast streaming (Security Center Federation™) | UDP 65246 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecAuxiliaryArchiver.exe | |
Live stream requests | TCP 554, 555, 560 | RTSP over TLS when secure communication enabled | GenetecAuxiliaryArchiver.exe | |
Media transmission | TCP 9603 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecAuxiliaryArchiver.exe | |
Cloud Playback | ||||
Live and playback video requests from within Security Center | TCP 570 | RTSP over TLS when secure communication enabled | GenetecCloudPlaybackRole.exe GenetecCloudPlaybackAgent.exe |
|
Communication with Cloud Storage | TCP 80, 443 | TLS 1.2 | GenetecCloudPlaybackRole.exe GenetecCloudPlaybackAgent.exe |
|
Media Router | ||||
Live and playback stream requests, and announce requests | TCP 554 | RTSP over TLS when secure communication enabled | GenetecMediaRouter.exe | |
Federated Media Router stream requests | TCP 554 | RTSP over TLS when secure communication enabled | GenetecMediaRouter.exe | |
Media Gateway | ||||
Live and playback stream requests from RTSP clients | TCP 654 | RTSP over TLS when secure communication enabled | Genetec.MediaGateway.exe | |
Incoming stream requests from mobile and web clients | TCP 80, 443 |
|
Genetec.MediaGateway.exe | |
Communication between the Media Gateway agents and the Media Gateway role | TCP 5500 | TCP 5500 | TLS 1.2 | Genetec.MediaGateway.exe |
Live video unicast streams | UDP 6000-6500 | SRTP when using encryption in transit and at rest | Genetec.MediaComponent32.exe | |
Live video and audio multicast streaming | UDP 47806, 47807 | UDP 51914 | SRTP when using encryption in transit from Archiver or in transit and at rest | Genetec.MediaComponent32.exe |
Live video multicast streaming (Security Center Federation™) | UDP 65246 | SRTP when using encryption in transit from Archiver or in transit and at rest | Genetec.MediaComponent32.exe | |
Live and playback video requests | TCP 554, 555, 558, 560, 605 | RTSP over TLS when secure communication enabled | Genetec.MediaComponent32.exe | |
Media transmission | TCP 9603 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecAuxiliaryArchiver.exe | |
Cloud playback requests | TCP 5704 | RTSP over TLS when secure communication enabled | Genetec.MediaComponent32.exe | |
Omnicast Federation™ | ||||
Connection to remote Omnicast 4.x systems. | TCP 5001-5002 | TCP | GenetecOmnicastFederation32.exe | |
Security Center Federation™ | ||||
Connection to remote Security Center systems | TCP 5500 | TLS 1.2 | GenetecSecurityCenterFederation.exe | |
Security Desk | ||||
Unicast media streams | UDP 6000–6200 | SRTP when using encryption in transit from Archiver or in transit and at rest | SecurityDesk.exe Genetec.MediaComponent32.exe |
|
Live video and audio multicast streaming | UDP 47806, 47807 | SRTP when using encryption in transit from Archiver or in transit and at rest | SecurityDesk.exe Genetec.MediaComponent32.exe |
|
Live video multicast streaming (Security Center Federation™) | UDP 65246 | SRTP when using encryption in transit from Archiver or in transit and at rest | SecurityDesk.exe Genetec.MediaComponent32.exe |
|
Live and playback video and audio requests | TCP 554, 555, 558, 560, 605 | RTSP over TLS when secure communication enabled | SecurityDesk.exe Genetec.MediaComponent32.exe |
|
Media transmission | TCP 9603 | SRTP when using encryption in transit from Archiver or in transit and at rest | SecurityDesk.exe Genetec.MediaComponent32.exe |
|
Cloud playback requests | TCP 5704 | RTSP over TLS when secure communication enabled | SecurityDesk.exe Genetec.MediaComponent32.exe |
|
Config Tool | ||||
Unicast media streams | UDP 6000–6200 | SRTP when using encryption in transit from Archiver or in transit and at rest | ConfigTool.exe Genetec.MediaComponent32.exe |
|
Live video and audio multicast streaming | UDP 47806, 47807 | SRTP when using encryption in transit from Archiver or in transit and at rest | ConfigTool.exe Genetec.MediaComponent32.exe |
|
Live video multicast streaming (Security Center Federation™) | UDP 65246 | SRTP when using encryption in transit from Archiver or in transit and at rest | ConfigTool.exe Genetec.MediaComponent32.exe |
|
Live video and audio requests | TCP 554, 555, 560 | RTSP over TLS when secure communication enabled | ConfigTool.exe Genetec.MediaComponent32.exe |
|
Media transmission | TCP 9603 | SRTP when using encryption in transit from Archiver or in transit and at rest | ConfigTool.exe Genetec.MediaComponent32.exe |
|
Unit discovery with the Unit enrollment tool | Vendor-specific TCP and UDP ports | Vendor-specific | ConfigTool.exe Genetec.MediaComponent32.exe |
|
Cloud Storage reporting and configuration | TCP 804, 4434 | HTTP | ConfigTool.exe |
1 Applies to servers hosting one Archiver role. If multiple Archiver roles are hosted on the same server, each additional role uses the next free port.
3 TCP port 960 applies to new installations of Security Center 5.8 and later. In Security Center 5.6 and 5.7, TCP port 5004 was used instead of TCP port 960. Therefore, any system upgraded to 5.11 through 5.6 or 5.7 continues to use TCP port 5004.
4 In the context of Cloud Storage, ports TCP 80, 443, and 570 are only used when Cloud Storage is enabled.
Ports used by KiwiVision modules in Security Center
The following tables list the default network ports that must be opened to allow proper communication between Security Center and external IP video devices when KiwiVision™ is enabled in your system.
For a visual representation of the ports, see the Security Center Network Diagram - KiwiVision.
KiwiVision Privacy Protector™ and KiwiVision Camera Integrity Monitor modules
Port usage | Inbound port | Outbound port | Protocol | Executable file |
---|---|---|---|---|
Live video requests | TCP 754 | RTSP over TLS when using Secure communication | Genetec.MediaProcessor.exe | |
Live video unicast streams | UDP 7000-7500 | SRTP when using encryption in transit from Archiver or in transit and at rest | Genetec.MediaProcessor.exe | |
Live video multicast streaming | UDP 47806 | UDP 47806 | SRTP when using encryption in transit from Archiver or in transit and at rest | Genetec.MediaProcessor.exe |
Live video multicast streaming (Security Center Federation™) | UDP 65246 | UDP 65246 | SRTP when using encryption in transit from Archiver or in transit and at rest | Genetec.MediaProcessor.exe |
Live video requests | TCP 554, 555, 560 | RTSP over TLS when using Secure communication | Genetec.MediaProcessor.exe | |
Media transmission | TCP 9601 | SRTP when using encryption in transit from Archiver or in transit and at rest | Genetec.MediaProcessor.exe |
KiwiVision Security video analytics and KiwiVision People Counter modules
Port usage | Inbound port | Outbound port | Protocol | Executable file |
---|---|---|---|---|
KiwiVision Manager | ||||
Communication with KiwiVision Manager database | TCP 1433 | Microsoft Tabular Data Stream Protocol (TDS) | GenetecPlugin.exe | |
UDP 1434 | Microsoft SQL Server Resolution Protocol (SSRP) | GenetecPlugin.exe | ||
KiwiVision Analyzer | ||||
Live video unicast streams | UDP 6000–6500 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecPlugin.exe | |
Live video multicast streaming | UDP 47806 | UDP 47806 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecPlugin.exe |
Live video multicast streaming (Security Center Federation™) | UDP 65246 | UDP 65246 | SRTP when using encryption in transit from Archiver or in transit and at rest | GenetecPlugin.exe |
Live and playback video requests | TCP 554, 560, 9601 | RTSP over TLS when using Secure communication | GenetecPlugin.exe | |
Communication with KiwiVision Manager database | TCP 1433 | Microsoft Tabular Data Stream Protocol (TDS) | GenetecPlugin.exe | |
UDP 1434 | Microsoft SQL Server Resolution Protocol (SSRP) | GenetecPlugin.exe | ||
SQL Server | ||||
Incoming connections to the SQL Database Engine from KiwiVision Manager and Analyzer roles on other servers | TCP 1433 | Microsoft Tabular Data Stream Protocol (TDS) | sqlservr.exe | |
Incoming connections to the SQL Server Browser service for SQL Server connection information | UDP 1434 | Microsoft SQL Server Resolution Protocol (SSRP) | sqlbrowser.exe |
1 TCP port 960 applies to new installations of Security Center 5.8 and later. In Security Center 5.6 and 5.7, TCP port 5004 was used instead of TCP port 960. Therefore, any system upgraded to 5.11 through 5.6 or 5.7 continues to use TCP port 5004.
Ports used by Synergis applications in Security Center
The following table lists the default network ports that must be opened to allow proper communication between Security Center and external IP access control devices when Synergis™ is enabled in your system.
For a visual representation of the ports, see the Security Center Network Diagram - Access control.
Port usage | Inbound port | Outbound port | Protocol | Executable file |
---|---|---|---|---|
Access Manager | ||||
Synergis extension - discovery | UDP 2000 | Genetec Inc. proprietary protocol | GenetecAccessManager.exe | |
Secure communication with Synergis units and HID units | TCP 443 | HTTPS TLS 1.2 |
GenetecAccessManager.exe | |
HID extension - FTP data and command1 | TCP 20 | TCP 21 | FTP | GenetecAccessManager.exe |
HID extension - SSH1 | TCP 22 | SSH | GenetecAccessManager.exe | |
HID extension - Telnet1 | TCP 23 | Telnet | GenetecAccessManager.exe | |
HID extension - HTTP communication | TCP 80 | HTTP | GenetecAccessManager.exe | |
HID extension - VertX OPIN protocol | TCP 4050/44332 |
|
GenetecAccessManager.exe | |
HID extension - VertX discovery3 | UDP 4070 | UDP 4070 | N/A | GenetecAccessManager.exe |
Remote syslog server4 | UDP 514 | N/A | GenetecAccessManager.exe | |
Global Cardholder Synchronizer | ||||
Connection to sharing host | TCP 5500 | TLS 1.2 | GenetecGlobalCardholderManagement.exe | |
Mobile Credential Manager | ||||
Secure communication (HTTPS) with the portal of the mobile credential
provider NOTE: Security Desk, Config Tool, and the
Mobile Credential Manager role all need access to the following
URLs:
|
TCP 443 | HTTPS TLS 1.2 |
GenetecMobileCredentialManager.exe |
1 Not used if HID units are configured with Secure mode. As a best practice, enable secure mode on all HID units.
2 Legacy HID units or EVO units running a firmware version earlier than 3.7 use port 4050. HID EVO units running in secure mode with firmware 3.7 and later user port 4433.
3 The discovery port of an HID unit is fixed at 4070. After it is discovered, the unit is assigned to an Access Manager that uses the ports shown in the previous table to control it.
For more information about initial HID hardware setup, download the documentation from http://www.HIDglobal.com.
4 Starting in Security Center 5.10.1.0, this port is no longer enabled by default.