Fortinet Document Library

Version:


Table of Contents

6.2.0
Download PDF
Copy Link

FortiGuard open ports

Incoming ports

Purpose

Protocol/Port

FortiAnalyzer

AV/IPS Updates, SMS, FTM, Licensing, Policy Overrides, RVS, URL/AS Update

TCP/443

FortiAP-S

FortiGuard Queries

UDP/53, UDP/8888

Syslog, OFTP, Registration, Quarantine, Log & Report

TCP/514

Event Logs

UDP/5246

FortiAuthenticator

AV/IPS Updates

TCP/443

Virus Sample

TCP/25

SMS, FTM, Licensing, Policy Override Authentication, URL/AS Updates

TCP/443

Registration

TCP/80

FortiClient

AV/VUL signatures update, Cloud-based behavior scan (CBBS)/applications that use cloud services

TCP/80

Virus submission (SMTP/FortiGuard)

TCP/25

URL rating

UDP/8888 (by default; this port can be changed to port 53 by entering fgd1.fortigate.com:53 via the XML config file)

Note: FortiClient for Chromebooks contacts FortiGuard for URL ratings via TCP/443

FortiClient EMS AV/VUL/APP version updates *

TCP/80

FortiCloud

Registration

TCP/443

FortiGate

AV/IPS Update, Management, Firmware, SMS, FTM, Licensing, Policy Override

TCP/443, TCP/8890

Cloud App DB

TCP/9582 (flow.fortinet.net)

FortiGuard Queries, DNS

UDP/53, UDP/8888

Registration

TCP/80

Alert Emails, Virus Sample

TCP/25

Central Management, Analysis

TCP/541

FortiMail

AS Rating

UDP/53

AV/AS Update

TCP/443

FortiManager

AV/IPS Updates, URL/AS Update, Firmware, SMS, FTM, Licensing, Policy Override Authentication, Registration

TCP/443

FortiClient updates

TCP/80

FortiSandbox

(FortiSandbox will use a random port picked by the kernel)

FortiGuard Distribution Servers

TCP/8890

FortiGuard Web Filtering Servers

UDP/53, UDP/8888

Outgoing ports

Purpose

Protocol/Port

FortiGate

Management

TCP/541

AV/IPS

UDP/9443

FortiMail

AV Push

UDP/9443

FortiManager

AV/IPS

UDP/9443

FortiGuard open ports

Incoming ports

Purpose

Protocol/Port

FortiAnalyzer

AV/IPS Updates, SMS, FTM, Licensing, Policy Overrides, RVS, URL/AS Update

TCP/443

FortiAP-S

FortiGuard Queries

UDP/53, UDP/8888

Syslog, OFTP, Registration, Quarantine, Log & Report

TCP/514

Event Logs

UDP/5246

FortiAuthenticator

AV/IPS Updates

TCP/443

Virus Sample

TCP/25

SMS, FTM, Licensing, Policy Override Authentication, URL/AS Updates

TCP/443

Registration

TCP/80

FortiClient

AV/VUL signatures update, Cloud-based behavior scan (CBBS)/applications that use cloud services

TCP/80

Virus submission (SMTP/FortiGuard)

TCP/25

URL rating

UDP/8888 (by default; this port can be changed to port 53 by entering fgd1.fortigate.com:53 via the XML config file)

Note: FortiClient for Chromebooks contacts FortiGuard for URL ratings via TCP/443

FortiClient EMS AV/VUL/APP version updates *

TCP/80

FortiCloud

Registration

TCP/443

FortiGate

AV/IPS Update, Management, Firmware, SMS, FTM, Licensing, Policy Override

TCP/443, TCP/8890

Cloud App DB

TCP/9582 (flow.fortinet.net)

FortiGuard Queries, DNS

UDP/53, UDP/8888

Registration

TCP/80

Alert Emails, Virus Sample

TCP/25

Central Management, Analysis

TCP/541

FortiMail

AS Rating

UDP/53

AV/AS Update

TCP/443

FortiManager

AV/IPS Updates, URL/AS Update, Firmware, SMS, FTM, Licensing, Policy Override Authentication, Registration

TCP/443

FortiClient updates

TCP/80

FortiSandbox

(FortiSandbox will use a random port picked by the kernel)

FortiGuard Distribution Servers

TCP/8890

FortiGuard Web Filtering Servers

UDP/53, UDP/8888

Outgoing ports

Purpose

Protocol/Port

FortiGate

Management

TCP/541

AV/IPS

UDP/9443

FortiMail

AV Push

UDP/9443

FortiManager

AV/IPS

UDP/9443