Question

What ports are used by FTK, Lab, Enterprise, FTK Plus, and FTK Central?

 

Answer

ProductSource ComponentDestination ComponentDestination Port
AllDistributed Processing ManagerCase/Evidence/Job Storage445
AllDistributed Processing EngineCase/Evidence/Job Storage445
AllForensic Tools ServiceCase/Evidence/Job Storage445
Enterprise
FTK Central		Site ServerNetwork Share Endpoints445
Enterprise
FTK Central		Site ServerOn-Network Agents39991
Enterprise
Enterprise Examiner
On-Network Agents
39991
Enterprise
Distributed Processing Manager / Distributed Processing Engine
On-Network Agents

39994
Enterprise
FTK Plus
FTK Central		End UsersForensic Tools Service44431
FTK Plus
FTK Central		FTK Central ServiceCollab19876
AllDistributed Processing EngineDistributed Processing Manager34096
AllForensic Tools ServiceDistributed Processing Manager34096
AllDistributed Processing ManagerDistributed Processing Engine34097, 34099
Enterprise
FTK Central
Site ServerPostgreSQL54323
Enterprise
FTK Central
FTK Central ServiceRoot Site Server543211
Enterprise
FTK Central
Child Site ServerParent Site Server545451
Enterprise
FTK Central
Parent Site ServerChild Site Server545451
Enterprise
FTK Central
AgentsSite Server545451
AllDistributed Processing ManagerMSSQL1433, MSDTC2
AllDistributed Processing EngineMSSQL1433, MSDTC2
AllForensic Tools ServiceMSSQL1433, MSDTC2
Enterprise
FTK Central
Forensic Tools ServiceCloud ConnectorsVarious

 

User-configurable.

You may need to manually set exceptions for ports 135 (DTC) and 1024-65535 (DCOM) if allowing MSDTC by application doesn't work.  You can restrict the firewall rules to just the involved server's IPs.

PostgreSQL should be installed locally on each Site Server, so firewall rules are typically not necessary

Necessary for Disk Preview jobs


Important: Outbound ports should not be restricted in any way.