Fortinet black logo

FortiAnalyzer open ports

6.4.0
Copy Link
Copy Doc ID 23a6ef88-6864-11ea-9384-00505692583a:766616
Download PDF

FortiAnalyzer open ports

Incoming ports

Purpose

Protocol/Port

FortiAuthenticator

Logging

UDP/514

FortiAP-S

Syslog, OFTP, Registration, Quarantine, Log & Report

TCP/514

Event Logs

UDP/5246

FortiClient

Logs from FortiClient for Chromebook

TCP/8443

Logs from FortiClient (FortiClient must connect to FortiGate or EMS to send logs to FortiAnalyzer)

TCP/514

FortiGate

Syslog, Registration, Quarantine, Log & Reports

TCP/514

OFTP

TCP/514, UDP/514

FortiMail

Syslog

UDP/514

FortiManager

Syslog & OFTP

TCP/514, UDP/514

Registration

TCP/541

FortiPortal

API communications (JSON and XML APIs respectively)

TCP/443, TCP/8080

Others

SSH CLI Management

TCP/22

Web Admin

TCP/80, TCP/443

REST

TCP/443

DC Polling

TCP/445

Logg Agg

TCP/3000

GEIP query service

UDP/8888

Outgoing ports

Purpose

Protocol/Port

FortiGuard

AV/IPS, SMS, FTM, Licensing, Policy Override, RVS, URL/AS Update

TCP/443

FortiPortal

(FortiPortal only receives log communications from FortiAnalyzer when it is acting as a collector)

Log communications

TCP/514, UDP/514

3rd-Party Servers

LDAP & PKI Authentication

TCP/389, UDP/389

Log & Report

TCP/21, TCP/22

Configuration Backups

TCP/22

Alert Email

TCP/25

DNS

UDP/53

NTP

UDP/123

SNMP Traps

UDP/162

Report Query

TCP/389

Syslog & OFTP

TCP or UDP/514

RADIUS

UDP/1812

Note

FortiAnalyzer uses the following URL to access the sprite map:

  • productapi.fortinet.com

productapi.fortinet.com resolves to 96.45.36.123 or 208.91.114.142.

FortiAnalyzer open ports

Incoming ports

Purpose

Protocol/Port

FortiAuthenticator

Logging

UDP/514

FortiAP-S

Syslog, OFTP, Registration, Quarantine, Log & Report

TCP/514

Event Logs

UDP/5246

FortiClient

Logs from FortiClient for Chromebook

TCP/8443

Logs from FortiClient (FortiClient must connect to FortiGate or EMS to send logs to FortiAnalyzer)

TCP/514

FortiGate

Syslog, Registration, Quarantine, Log & Reports

TCP/514

OFTP

TCP/514, UDP/514

FortiMail

Syslog

UDP/514

FortiManager

Syslog & OFTP

TCP/514, UDP/514

Registration

TCP/541

FortiPortal

API communications (JSON and XML APIs respectively)

TCP/443, TCP/8080

Others

SSH CLI Management

TCP/22

Web Admin

TCP/80, TCP/443

REST

TCP/443

DC Polling

TCP/445

Logg Agg

TCP/3000

GEIP query service

UDP/8888

Outgoing ports

Purpose

Protocol/Port

FortiGuard

AV/IPS, SMS, FTM, Licensing, Policy Override, RVS, URL/AS Update

TCP/443

FortiPortal

(FortiPortal only receives log communications from FortiAnalyzer when it is acting as a collector)

Log communications

TCP/514, UDP/514

3rd-Party Servers

LDAP & PKI Authentication

TCP/389, UDP/389

Log & Report

TCP/21, TCP/22

Configuration Backups

TCP/22

Alert Email

TCP/25

DNS

UDP/53

NTP

UDP/123

SNMP Traps

UDP/162

Report Query

TCP/389

Syslog & OFTP

TCP or UDP/514

RADIUS

UDP/1812

Note

FortiAnalyzer uses the following URL to access the sprite map:

  • productapi.fortinet.com

productapi.fortinet.com resolves to 96.45.36.123 or 208.91.114.142.