Default ports used in Advanced Threat Defense communication

The Advanced Threat Defense Appliance uses many ports for network communications.

Client Server Default port Configurable Description
Any (desktop and REST API client) Advanced Threat Defense TCP 443 (HTTPS) No Access the Advanced Threat Defense web interface and REST API client.
Any (desktop) Advanced Threat Defense TCP 6080 (HTTPS) No For VM activation process and X-mode.
Any (FTP client) Advanced Threat Defense TCP 21 (FTP) No Access the FTP servers on Advanced Threat Defense.
Any (SFTP client) Advanced Threat Defense TCP 22 (SFTP) No Access the SFTP servers on Advanced Threat Defense.
Sensor Advanced Threat Defense TCP 8505 No Communication channel between a Sensor and Advanced Threat Defense.
Manager Advanced Threat Defense TCP 443 (HTTPS) No Communication between the Manager and Advanced Threat Defense through the RESTful APIs.
Advanced Threat Defense McAfee ePO TCP 8443 Yes Host information queries.
Advanced Threat Defense

tunnel.web.trustedsource.org

TCP 443 (HTTPS) No File Reputation queries.
Advanced Threat Defense

List.smartfilter.com

TCP 80 (HTTP) No URL updates.
Advanced Threat Defense All DXL Brokers in your environment TCP 8883 (HTTP) No DXL connection from ATD to DXL broker
Advanced Threat Defense All McAfee ePO in your environment TCP 443 (HTTP) No McAfee Agent on ATD gets DXL certificates from McAfee ePO
Advanced Threat Defense (DAT updates)

wpm.webwasher.com

wpm1-2.webwasher.com

wpm1-3.webwasher.com

wpm1-4.webwasher.com

wpm-usa.webwasher.com

wpm-usa1.webwasher.com

wpm-usa2.webwasher.com

wpm-asia.webwasher.com

tau.mcafee.com

tau1-2.mcafee.com

tau1-3.mcafee.com

tau1-4.mcafee.com

tau-usa.mcafee.com

tau-usa1.mcafee.com

tau-usa2.mcafee.com

tau-manual.mcafee.com

tau-ldv1.securelabs.webwasher.com

tau-ldv2.securelabs.webwasher.com

tau-ldv3.securelabs.webwasher.com

tau-europe.mcafee.com

tau-dnv1.securelabs.webwasher.com

tau-dnv2.securelabs.webwasher.com

tau-dnv3.securelabs.webwasher.com

tau-asia.mcafee.com

rpns.mcafee.com

mwg-update.mcafee.com

TCP 443 (HTTPS) No Updates for McAfee Gateway Anti-Malware Engine and McAfee Anti-Malware Engine.
Advanced Threat Defense (Software updates)

atdupdate.mcafee.com

TCP 443 (HTTPS) No Updates for the Advanced Threat Defense software. The update includes new detection and application package.
Advanced Threat Defense (Telemetry)

atd.rest.gti.mcafee.com

TCP 443 (HTTPS) No Sends telemetry data to McAfee. For information on what data is sent, see Configure telemetry in McAfee Advanced Threat Defense Installation Guide.
Any (SSH client) Advanced Threat Defense TCP 2222 (SSH) No CLI access.