Communication and Network Requirements
As a network application, Tenable Patch Management (TPM) requires specific ports to facilitate communication between the server and in-scope devices, as well as communication between the devices themselves.
The client and server installation wizards create firewall rules for communication between clients and servers. If you have a firewall appliance between servers and client, you may need to manually configure rules to allow communication. Use the following tables to configure your firewall rules.
Note: The TPM server has both the server and client services installed on it, so both server and client ports need to be opened on that machine.
Tenable Patch Management Server port configuration (On-Premises only)
The TPM server needs to be configured with the following inbound and outbound ports.
| Port | Protocol | Direction | Process | Description |
|---|---|---|---|---|
| 34322 | UDP | Inbound | AdaptivaClientService.exe | Messages from client to server. |
| 34323 | UDP | Inbound | AdaptivaClientService.exe | Acknowledgements from the server and client. |
| 34324 | UDP | Inbound | AdaptivaClientService.exe | Replies from the server and clients. |
| 34325 | UDP | Inbound | AdaptivaClientService.exe | Messages from server to client. |
| 34329 | UDP | Inbound | AdaptivaClientService.exe | All broadcast messages from client to client. |
| 34545 | UDP | Inbound | AdaptivaClientService.exe | Content transfer control port. |
| 34546 | UDP | Inbound | AdaptivaClientService.exe / and the system process | Content transfer control port. |
| 34750 | UDP | Inbound | AdaptivaClientService.exe and the system process | All WAN or Internet Peer to Peer content transfers. |
| 34760 | UDP | Inbound | AdaptivaClientService.exe and the system process |
All LAN content transfers. |
| 34760 | TCP | Inbound | N/A | The port used by adaptiva-client-p2p-<version>-windows.msi. |
| N/A | ICMP | Inbound | N/A | ICMP (ping) requests to determine latency to Adaptiva Cloud Services relays. |
| 80 | HTTP | Outbound | AdaptivaServerService.exe / AdaptivaClientService.exe | Operations Manager and Cloud Relay Servers which relay client messages between Internet-based clients and the on-premises server. |
| 443 | HTTPS | Outbound | AdaptivaServerService.exe / AdaptivaClientService.exe | Operations Manager, Cloud Relay servers and patch content locations on a content delivery network (CDN). |
| 3478 | UDP | Outbound | AdaptivaClientService.exe | STUN requests to Cloud Relay Servers to determine public IP address |
| 34322 | UDP | Outbound | AdaptivaClientService.exe | Messages from client to server. |
| 34323 | UDP | Outbound | AdaptivaClientService.exe | Acknowledgements from the server and client. |
| 34324 | UDP | Outbound | AdaptivaClientService.exe | Replies and acknowledgements from server to client |
| 34325 | UDP | Outbound | AdaptivaClientService.exe | Messages sent from server to client. |
| 34545 | UDP | Outbound | System | Content transfer control port. |
| 34760 | UDP | Outbound | System | Content sent from server to client. |
.
Tenable Patch Management Client port configuration (On-Premises)
Devices need to be configured with the following inbound and outbound ports.
| Port | Protocol | Direction | Listening Process | Description |
|---|---|---|---|---|
| 34324 | UDP | Inbound | AdaptivaClientService.exe | Replies from the server and clients. |
| 34325 | UDP | Inbound | AdaptivaClientService.exe | Messages from server to client. |
| 34329 | UDP | Inbound | AdaptivaClientService.exe | All broadcast messages from client to client. |
| 34545 | UDP | Inbound | AdaptivaServerService.exe | Content transfer control port. |
| 34546 | UDP | Inbound | AdaptivaClientService.exe / and the system process | Content transfer control port. |
| 34750 | UDP | Inbound | AdaptivaClientService.exe and the system process | All WAN or Internet Peer to Peer content transfers. |
| 34760 | UDP | Inbound | AdaptivaClientService.exe and the system process |
All LAN content transfers. |
| 34760 | TCP | Inbound | N/A | The port used by TenablePatchP2PClientInstaller.msi. |
| 80 | HTTP | Outbound | AdaptivaClientService.exe | Operations Manager and Cloud Relay Servers which relay client messages between Internet-based clients and the on-premises server. |
| 443 | HTTP | Outbound | AdaptivaClientService.exe | Operations Manager, Cloud Relay servers and patch content locations on a content delivery network (CDN). |
| 443 | HTTPS/TCP | Outbound | cloud.tenable.com | Tenable Vulnerability Management (TVM) |
| 3478 | UDP | Outbound | AdaptivaClientService.exe | STUN requests to Cloud Relay Servers to determine public IP address |
| 34322 | UDP | Outbound | AdaptivaClientService.exe | Messages from client to server. |
| 34323 | UDP | Outbound | AdaptivaClientService.exe | Acknowledgements from the server and client. |
| 34545 | UDP | Outbound | System | Content transfer control port. |