Port Requirements
Tenable Security Center port requirements include Tenable Security Center-specific and application-specific requirements.
Your Tenable Security Center instances require access to specific ports for inbound and outbound traffic.
Inbound Traffic
You must allow inbound traffic to the following ports.
| Port | Traffic |
|---|---|
| TCP 22 | Performing remote repository synchronization with another Tenable Security Center. |
| TCP 443 |
Accessing the Tenable Security Center interface. Communicating with Tenable Security Center Director instances. Communicating with OT Security instances. Performing the initial key push for remote repository synchronization with another Tenable Security Center. Interacting with the API. |
Outbound Traffic
You must allow outbound traffic to the following ports.
| Port | Traffic |
|---|---|
| TCP 22 | Communicating with Log Correlation Engine for event query. |
| TCP 25 |
Sending SMTP email notifications. |
| TCP 443 |
Communicating with Tenable Lumin for synchronization. Communicating with the plugins.nessus.org server for plugin updates. |
| TCP 1243 | Communicating with Tenable Log Correlation Engine. |
| TCP 8834 | Communicating with Tenable Nessus. |
| TCP 8835 | Communicating with Tenable Nessus Network Monitor. |
| UDP 53 |
Performing DNS resolution. |
Your Tenable Nessus instances require access to specific ports for inbound and outbound traffic.
Inbound Traffic
You must allow inbound traffic to the following ports.
| Port | Traffic |
|---|---|
| TCP 8834 |
Accessing the Tenable Nessus interface. Communicating with Tenable Security Center. Interacting with the API. |
Outbound Traffic
You must allow outbound traffic to the following ports.
| Port | Traffic |
|---|---|
| TCP 25 |
Sending SMTP email notifications. |
| TCP 443 |
Communicating with Tenable Vulnerability Management (sensor.cloud.tenable.com or sensor.cloud.tenablecloud.cn). Communicating with the plugins.nessus.org server for plugin updates. |
| UDP 53 |
Performing DNS resolution. |
Your Tenable Nessus Agents require access to specific ports for outbound traffic.
Outbound Traffic
You must allow outbound traffic to the following ports.
| Port | Traffic |
|---|---|
| TCP 443 |
Communicating with Tenable Vulnerability Management. |
| TCP 8834 |
Communicating with Tenable Nessus Manager. Note: The default Tenable Nessus Manager port is TCP 8834. However, this port is configurable and may be different for your organization. |
| UDP 53 |
Performing DNS resolution. |
Tenable Nessus Network Monitor
Your Tenable Nessus Network Monitor instances require access to specific ports for inbound and outbound traffic.
Inbound Traffic
You must allow inbound traffic to the following ports.
| Port | Traffic |
|---|---|
| TCP 8835 |
Accessing the Tenable Nessus Network Monitor interface. Communicating with Tenable Security Center. |
Outbound Traffic
You must allow outbound traffic to the following ports.
| Port | Traffic |
|---|---|
| TCP 443 |
Communicating with Tenable Vulnerability Management (sensor.cloud.tenable.com or sensor.cloud.tenablecloud.cn). Communicating with the plugins.nessus.org server for plugin updates. |
| TCP 601 |
Communications for reliable TCP syslog forwarding. |
| UDP 53 |
Performing DNS resolution. |
| UDP 514 |
Communications for UDP syslog forwarding. |
Tenable Log Correlation Engine
Your Log Correlation Engine and Log Correlation Engine client instances require access to specific ports for inbound and outbound traffic.
Inbound Traffic
You must allow inbound traffic to the following ports.
| Port | Traffic |
|---|---|
| Log Correlation Engine | |
| TCP 22 | Communicating with Tenable Security Center for Log Correlation Engine event query. |
| TCP 601 |
Communications for reliable TCP syslog forwarding. |
| TCP 1243 | Communicating with Tenable Security Center for Log Correlation Engine event vulnerability import. |
| TCP 8836 |
Accessing the Log Correlation Engine interface. |
| TCP 31300 | Communicating with Log Correlation Engine clients. |
| UDP 162 | Communicating with SNMP server for receiving SNMP traps. |
| UDP 514 |
Communications for UDP syslog forwarding. |
| Log Correlation Engine Client | |
| TCP 1468 | Communications between network devices and the Tenable Network Monitor. |
| TCP 9800 | Communications between Splunk and the Log Correlation Engine Splunk Client. |
| TCP 18185 | Communications between Check Point firewalls and the Log Correlation Engine OPSEC Client. |
| UDP 514 | Communications between network devices and the Tenable Network Monitor. |
| UDP 2055 | Communications between routers and the Tenable NetFlow Monitor. |
Outbound Traffic
You must allow outbound traffic to the following ports.
| Port | Traffic |
|---|---|
| Log Correlation Engine | |
| TCP 25 |
Sending SMTP email notifications. |
| TCP 443 |
Communicating with Tenable Vulnerability Management (sensor.cloud.tenable.com or sensor.cloud.tenablecloud.cn). Communicating with the plugins.nessus.org server for plugin updates. |
| TCP 601 |
Communications for reliable TCP syslog forwarding. |
| UDP 53 |
Performing DNS resolution. |
| UDP 514 |
Communications for UDP syslog forwarding. |
| Log Correlation Engine Client | |
| TCP 135 | Communicating with the targets of the Log Correlation Engine WMI Monitor Client. |
| TCP 443 |
Communicating with the web host of the Log Correlation Engine Web Query Client. |
| TCP 445 | Communicating with the targets of the Log Correlation Engine WMI Monitor Client. |
| TCP 31300 | Communicating with Log Correlation Engine. |