Ports used by Kaspersky Security Center Cloud Console

December 9, 2024

ID 158830

To use Kaspersky Security Center Cloud Console, which is part of the Kaspersky infrastructure, you must open the following ports on the client devices to allow the internet connection (see table below):

Ports that must be open on client devices to allow the internet connection

Port (or port range)

Protocol

Purpose of the port (or port range)

23100-23199

TCP/TLS

Receiving connections from Network Agents and secondary Administration Servers on Kaspersky Security Center Cloud Console Administration Server at *.ksc.kaspersky.com.

The Kaspersky infrastructure can use any port within this range and any web address within this mask. The port and the web address can change from time to time.

23700-23799

(only if you manage mobile devices)

TCP/TLS

Receiving connections from mobile devices.

Connection to the Kaspersky Security Center Cloud Console Administration Server at *.ksc.kaspersky.com.

The Kaspersky infrastructure can use any port within this range and any web address within this mask. The port and the web address can change from time to time.

27200-27299

TCP/TLS

Receiving connections for application activation from managed devices (except for mobile devices).

Connection to the Kaspersky Security Center Cloud Console Administration Server at *.ksc.kaspersky.com.

The Kaspersky infrastructure can use any port within this range and any web address within this mask. The port and the web address can change from time to time.

29200-29299

TCP/TLS

Tunneling connections to managed devices by using the klsctunnel utility through Kaspersky Security Center Cloud Console Administration Server at *.ksc.kaspersky.com.

The Kaspersky infrastructure can use any port within this range and any web address within this mask. The port and the web address can change from time to time.

443

HTTPS

Connection to Kaspersky Security Center Cloud Console discovery service at *.ksc.kaspersky.com.

The Kaspersky infrastructure can use any web address within this mask.

1443

TCP

Connection to Kaspersky Security Network

80

TCP

Connection is used to check validity of the Kaspersky Security Center certificates at *.digicert.com.

The Kaspersky infrastructure can use any web address within this mask.

The table below lists the ports that must be open on client devices where Network Agent is installed.

Ports that must be open on client devices

Port number

Protocol

Port purpose

Scope

15000

 

UDP

Receiving data from connection gateways (if in use)

Managing client devices

15000

UDP broadcast

Getting data about other Network Agents within the same broadcasting domain

Delivering updates and installation packages

15001

UDP

Receiving multicast requests from a distribution point (if in use)

Receiving updates and installation packages from a distribution point

Please note that the klnagent process can also request free ports from the dynamic port range of an endpoint operating system. These ports are allocated to the klnagent process automatically by the operating system, so klnagent process can use some ports that are used by another software. If the klnagent process affects that software operations, change the port settings in this software, or change the default dynamic port range in your operating system to exclude the port used by the software affected.

Also take into account that recommendations on the compatibility of Kaspersky Security Center Cloud Console with third-party software are described for reference only and may not be applicable to new versions of third-party software. The described recommendations for configuring ports are based on the experiences of Technical Support and our best practices.

The table below lists the additional ports that must be open on client devices where Network Agent is installed as a distribution point.

Ports used by Network Agent functioning as distribution point

Port number

Protocol

Port purpose

Scope

13000

TCP/TLS

Receiving connections from Network Agents

Managing client devices and delivering updates and installation packages

13111
(only if KSN proxy service is run on the device)

TCP

Receiving requests from managed devices to KSN proxy server

KSN proxy server

13295
(only if you use the distribution point as a push server)

TCP/TLS

Sending push notifications to managed devices

Distribution point used as a push server

15111
(only if KSN proxy service is run on the device)

UDP

Receiving requests from managed devices to KSN proxy server

KSN proxy server

17111
(only if KSN proxy service is run on the device)

HTTPS

Receiving requests from managed devices to KSN proxy server

KSN proxy server

If you have one or more Administration Servers on your network and use them as secondary Administration Servers when the primary Administration Server is located in the Kaspersky infrastructure, please refer to the list of ports that are used by Kaspersky Security Center running on-premises. Use those ports for interaction between your secondary Administration Server (or secondary Administration Servers) and client devices.

See also:

Initial configuration of Kaspersky Security Center Cloud Console

Scenario: Migration without a hierarchy of Administration Servers

');
Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
');
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).