Network Flow Matrix

To perform security monitoring, Tenable Identity Exposure must communicate with the Primary Domain Controller emulator (PDCe) of each domain. You must open the required network ports and transport protocols on each PDCe to ensure efficient monitoring.

In addition to these network flows, you must consider other network flows, such as:

  • Access to the end-user services.

  • The network flows between Tenable Identity Exposure services.

  • The network flows from the support services that Tenable Identity Exposure uses, such as the update management infrastructure and the network time protocol.

The following network matrix diagram gives more details about the different services involved.

Support Services

Support services are often highly vendor- or configuration-specific. For example, the WSUS service listens by default on port TCP/8530 in version 6.2 and higher, but on TCP/80 in other versions. You can reconfigure this port to any other port.
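Because Tenable Identity Exposure initiates the connections, the flows above (to each domain's PDCe, and to support services such as WSUS) can be verified from the host that will run it before deployment. The following PowerShell script is an added example, not Tenable's own tooling; it assumes the ActiveDirectory RSAT module is installed, and the PDCe port list and the WSUS hostname are placeholders to be filled from your own network flow matrix.

```powershell
<#
  Added example (not Tenable's own code): verify the network flows described on
  this page from the host that will run Tenable Identity Exposure.
  Assumes the ActiveDirectory module (RSAT) and an account that can query each domain.
#>
param(
    # Placeholder: the ports the flow matrix requires toward each PDCe.
    # Take the real values from the network flow matrix diagram for your deployment.
    [int[]]$PdcePorts = @(),
    # Placeholder hostname of the update-management (WSUS) server.
    [string]$WsusServer = 'wsus.example.internal',
    # TCP/8530 is the WSUS default for 6.2 and higher; TCP/80 for other versions,
    # or whatever port the service was reconfigured to use.
    [int]$WsusPort = 8530
)

function Test-TcpFlow {
    param([string]$Target, [int]$Port)
    $r = Test-NetConnection -ComputerName $Target -Port $Port -WarningAction SilentlyContinue
    [pscustomobject]@{ Target = $Target; Port = $Port; Open = $r.TcpTestSucceeded }
}

# 1. One PDCe per domain: the PDC emulator FSMO role holder of every domain in the forest.
$pdces = foreach ($domainName in (Get-ADForest).Domains) {
    (Get-ADDomain -Identity $domainName).PDCEmulator
}

$results = @()
foreach ($pdce in $pdces) {
    foreach ($port in $PdcePorts) { $results += Test-TcpFlow -Target $pdce -Port $port }
}

# 2. Support-service flow: the update-management server on its configured port.
$results += Test-TcpFlow -Target $WsusServer -Port $WsusPort

$results | Format-Table -AutoSize

# Fail loudly on any closed flow so this check can gate a deployment checklist.
$closed = $results | Where-Object { -not $_.Open }
if ($closed) {
    $list = ($closed | ForEach-Object { "$($_.Target):$($_.Port)" }) -join ', '
    Write-Error "Blocked flows: $list"
    exit 1
}
```

Run it on the Tenable Identity Exposure host (or, behind NAT, from the address that will be translated), since that is where the connections originate.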

Network Address Translation (NAT) support

Tenable Identity Exposure initiates all network connections, except those from end users. You can therefore use network address translation (NAT) to connect to Tenable Identity Exposure through a network interconnection.

On-premises architecture network flows