On This Page
List of Tufin Predefined Services for Access Requests
The names and details of the services for traffic connection requests that are predefined in TOS are listed by protocol.
TCP Services
The names of the predefined TCP services in TOS are:
|
Service Name |
Port Range |
Comment |
|---|---|---|
|
AOL |
5190 |
AOL Instant Messenger. Also used by: ICQ & Apple iChat |
|
AP-Defender |
2626 |
Defender Authentication service |
|
AT-Defender |
2626 |
Defender Authentication service |
|
BGP |
179 |
Border Gateway Protocol |
|
Citrix_ICA |
1494 |
Citrix ICA general Service. |
|
CP_Exnet_PK |
18262 |
Check Point Extranet public key resolution |
|
CP_Exnet_resolve |
18263 |
Check Point Extranet remote objects resolution |
|
CP_redundant |
18221 |
Check Point Redundant Management Protocol |
|
CP_reporting |
18205 |
Check Point Reporting Client Protocol |
|
CP_rtm |
18202 |
Check Point Real Time Monitoring |
|
CP_seam |
18266 |
Check Point Eventia Analyzer Server Protocol |
|
CP_SmartPortal |
4433 |
Check Point Smart Portal |
|
CP_SSL_Network_Extender |
444 |
SSL Network Extender port |
|
CPD |
18191 |
Check Point Daemon Protocol |
|
CPD_amon |
18192 |
Check Point Internal Application Monitoring |
|
CPMI |
18190 |
Check Point Management Interface |
|
daytime-tcp |
13 |
Daytime Server Protocol (TCP) |
|
discard-tcp |
9 |
Discard Server Protocol (TCP) |
|
domain-tcp |
53 |
Domain Name System Download |
|
echo-tcp |
7 |
Echo Protocol (TCP) |
|
EDGE |
981 |
VPN-1 UTM Edge Portal |
|
Entrust-Admin |
710 |
Entrust CA Administration Service |
|
Entrust-KeyMgmt |
709 |
Entrust CA Key Management Service |
|
epmap-tcp |
135 |
RPC Endpoint Mapper |
|
exec |
512 |
Remote execution (rexec) |
|
FIBMGR |
2010 |
Forwarding Information Base Manager - Dynamic Routing Cluster config |
|
finger |
79 |
UNIX |
|
ftp |
21 |
File Transfer Protocol |
|
FW1 |
256 |
Check Point Security Gateway Service |
|
FW1_amon |
18193 |
Check Point OPSEC Application Monitoring |
|
FW1_clntauth_http |
900 |
Check Point Security Gateway Client Authentication (HTTP) |
|
FW1_clntauth_telnet |
259 |
Check Point Security Gateway Client Authentication (Telnet) |
|
FW1_CPRID |
18208 |
Check Point Remote Installation Protocol |
|
FW1_cvp |
18181 |
Check Point OPSEC Content Vectoring Protocol |
|
FW1_ela |
18187 |
Check Point OPSEC Event Logging API |
|
FW1_ica_mgmt_tools |
18265 |
Check Point Internal CA Management Tools |
|
FW1_ica_pull |
18210 |
Check Point Internal CA Pull Certificate Service |
|
FW1_ica_push |
18211 |
Check Point Internal CA Push Certificate Service |
|
FW1_ica_services |
18264 |
Check Point Internal CA Fetch CRL and User Registration Services |
|
FW1_key |
265 |
Check Point VPN-1 Public Key Transfer Protocol |
|
FW1_lea |
18184 |
Check Point OPSEC Log Export API |
|
FW1_log |
257 |
Check Point Security Gateway Logs |
|
FW1_mgmt |
258 |
Check Point Management (Version 4.x) |
|
FW1_netso |
19190 |
Check Point User Authority simple protocol |
|
FW1_omi |
18185 |
Check Point OPSEC Objects Management Interface |
|
FW1_omi-sic |
18186 |
Check Point OPSEC Objects Management Interface with Secure Internal Communication |
|
FW1_pslogon |
18207 |
Check Point Policy Server Logon protocol |
|
FW1_pslogon_NG |
18231 |
Check Point NG Policy Server Logon protocol |
|
FW1_sam |
18183 |
Check Point OPSEC Suspicious Activity Monitor API |
|
FW1_sds_logon |
18232 |
Check Point SecuRemote Distribution Server Protocol |
|
FW1_sds_logon_NG |
65524 |
SecuRemote Distribution Server Protocol (VC and higher) |
|
FW1_snauth |
261 |
Check Point Security Gateway Session Authentication |
|
FW1_topo |
264 |
Check Point VPN-1 SecuRemote Topology Requests |
|
FW1_uaa |
19191 |
Check Point OPSEC User Authority API |
|
FW1_ufp |
18182 |
Check Point OPSEC URL Filtering Protocol |
|
gopher |
70 |
The Internet Gopher Protocol |
|
GoToMyPC |
8200 |
Remote Computer Access & Sharing application |
|
H323 |
1720 |
videoconference transmissions over IP networks |
|
http |
80 |
Hypertext Transfer Protocol |
|
HTTP_and_HTTPS_proxy |
8080 |
|
|
https |
443 |
HTTP protocol over TLS/SSL |
|
ident |
113 |
Identify RCS keyword strings in files |
|
IKE-tcp |
500 |
IPSEC Internet Key Exchange Protocol over TCP |
|
imap |
143 |
Interactive Mail Access Protocol |
|
IMAP-SSL |
993 |
SSL encrypted IMAP |
|
IPSO_Clustering_Mgmt_Protocol |
1111 |
used for distributing configuration changes among cluster members and cluster wide monitoring |
|
irc2 |
7000 |
Internet Relay Chat Protocol |
|
Kerberos_v5_TCP |
88 |
Kerberos authentication protocol (version 5) |
|
ldap |
389 |
Lightweight Directory Access Protocol |
|
ldap-ssl |
636 |
Lightweight Directory Access Protocol over TLS/SSL |
|
login |
513 |
Remote login (rlogin) |
|
lotus |
1352 |
Lotus iNotes Web Access Protocol |
|
lpdw0rm |
515 |
Also used by: Ramen trojan and printer service. |
|
microsoft-ds |
445 |
Microsoft CIFS over TCP |
|
MS-SQL-Monitor |
1434 |
Microsoft SQL Monitor |
|
MS-SQL-Server |
1433 |
Microsoft SQL Server |
|
MSNP |
1863 |
MSN Messenger |
|
MySQL |
3306 |
|
|
nbsession |
139 |
NetBios Session Service |
|
NCP |
524 |
Novell NetWare Core Protocol |
|
netshow |
1755 |
Microsoft NetShow (Windows Media Player) |
|
netstat |
15 |
UNIX netstat Protocol |
|
nfsd-tcp |
2049 |
Network File System Daemon over TCP |
|
nntp |
119 |
Network News Transfer Protocol |
|
ntp-tcp |
123 |
Network Time Protocol (TCP) |
|
OAS-NameServer |
2649 |
Oracle Application Server (IIOP) NameServer |
|
OAS-ORB |
2651 |
Oracle Application Server (IIOP) ORB |
|
pcANYWHERE-data |
5631 |
PCs remote access security software |
|
pcTELECOMMUTE-FileSync |
2299 |
Symantec pcTELECOMMUTE File Synchronization |
|
pop-2 |
109 |
Post Office Protocol - Version 2 |
|
pop-3 |
110 |
Post Office Protocol - Version 3 |
|
POP3S |
995 |
SSL protocol over POP3S |
|
PostgreSQL |
5432 |
PostgreSQL database server |
|
pptp-tcp |
1723 |
Point-to-Point Tunneling Protocol |
|
RainWall_Command |
6374 |
RainWall high availability daemon |
|
Real-Audio |
7070 |
RealNetworks PNA Protocol |
|
RealSecure |
2998 |
Automatic 'Suspicious Activity Monitoring' activator |
|
Remote_Debug |
8787 |
|
|
Remote_Desktop_Protocol |
3389 |
Microsoft RDP |
|
rtsp |
554 |
Real Time Streaming Protocol |
|
SCCP |
2000 |
Skinny Call Control Protocol |
|
securidprop |
5510 |
Token based Authentication service (TCP) |
|
shell |
514 |
Remote shell (rsh) |
|
sip_tls |
5061 |
Session Initiation Protocol over non-encrypted Transport Layer Security |
|
sip-tcp |
5060 |
Session Initiation Protocol over TCP |
|
smtp |
25 |
Simple Mail Transfer Protocol |
|
SMTPS |
465 |
SSL protocol over SMTPS |
|
sqlnet1-2 |
1521 |
Oracle SQL*Net Version 1 and 2 |
|
sqlnet2-1525 |
1525 |
Oracle SQL*Net Version 2 Services |
|
sqlnet2-1526 |
1526 |
Oracle SQL*Net Version 2 Services |
|
Squid_NTLM |
3128 |
Squid NTLM authentication |
|
ssh |
22 |
secure shell |
|
StoneBeat-Control |
3002 |
Stonesoft StoneBeat Control |
|
StoneBeat-Daemon |
3001 |
Stonesoft StoneBeat Daemon Heartbeat |
|
T.120 |
1503 |
H323 |
|
TACACSplus |
49 |
Terminal Access Controller Access Control System over TCP |
|
tcp-high-ports |
>1023 |
TCP Ports 1024-65535 |
|
telnet |
23 |
Telnet Protocol |
|
time-tcp |
37 |
Time Server Protocol (TCP) |
|
UserCheck |
18300 |
Check Point Daemon Protocol |
|
uucp |
540 |
Unix-to-Unix Copy Program |
|
wais |
210 |
Wide Area Information Servers |
|
X11 |
6000-6063 |
X Window System |
|
Yahoo_Messenger_messages |
5050 |
Yahoo Messenger messages |
|
Yahoo_Messenger_Voice_Chat_TCP |
5000-5001 |
Yahoo Messenger Voice Chat |
|
Yahoo_Messenger_Webcams |
5100 |
Yahoo Messenger Webcams video |
UDP Services
The names of the predefined UDP services in TOS are:
|
Service Name |
Port Range |
Comment |
|---|---|---|
|
biff |
512 |
UNIX biff Protocol |
|
bootp |
67 |
Bootstrap Protocol Server |
|
Citrix_ICA_Browsing |
1604 |
UDP Service for general Citrix browsing |
|
daytime-udp |
13 |
Daytime Server Protocol (UDP) |
|
dhcp |
68 |
DHCP |
|
discard-udp |
9 |
Discard Server Protocol (UDP) |
|
domain-udp |
53 |
Domain Name System Queries |
|
E2ECP |
18241 |
Check Point End to End Control Protocol |
|
echo-udp |
7 |
Echo Protocol (UDP) |
|
epmap-udp |
135 |
RPC Endpoint Mapper |
|
FW1_load_agent |
18212 |
Check Point ConnectControl Load Agent |
|
FW1_scv_keep_alive |
18233 |
Check Point SecureClient Verification Keepalive Protocol |
|
FW1_snmp |
260 |
Check Point Security Gateway SNMP Agent |
|
H323_ras |
1719 |
RAS and associated connections (H.323 protocols) |
|
Hotline_tracker |
5499 |
Hotline tracker connections |
|
ICQ_locator |
4000 |
Mirabilis ICQ versions |
|
IKE |
500 |
IPSEC Internet Key Exchange Protocol (formerly ISAKMP/Oakley) |
|
IKE_NAT_TRAVERSAL |
4500 |
Nat Traversal Protocol |
|
Kerberos_v5_UDP |
88 |
Kerberos authentication protocol (version 5) |
|
kerberos-udp |
750 |
secure method for authenticating a request for service |
|
L2TP |
1701 |
Layer 2 Tunneling Protocol |
|
ldap-udp |
389 |
LDAP udp service |
|
MetaIP-UAT |
5004 |
Check Point Meta IP UAM Client-Server Communication |
|
mgcp_CA |
2727 |
Media Gateway Control Protocol - Call-Agent port |
|
mgcp_MG |
2427 |
Media Gateway Control Protocol - Media Gateway port |
|
microsoft-ds-udp |
445 |
Microsoft CIFS over UDP |
|
MS-SQL-Monitor_UDP |
1434 |
Microsoft-SQL-Monitor_UDP |
|
MS-SQL-Server_UDP |
1433 |
Microsoft SQL Server |
|
MSN_Messenger_1863_UDP |
1863 |
Microsoft Network Messenger UDP |
|
MSN_Messenger_5190 |
5190 |
Microsoft Network Messenger |
|
MSN_Messenger_Voice |
6901 |
Microsoft Network Messenger Voice communication |
|
name |
42 |
Host Name Server |
|
nbdatagram |
138 |
NetBios Datagram Service |
|
nbname |
137 |
NetBios Name Service |
|
NEW-RADIUS-ACCOUNTING |
1812 |
NEW - Remote Authentication Dial-In User Service |
|
NEW-RADIUS-ACCOUNTING |
1813 |
NEW - Remote Authentication Dial-In User Service accounting |
|
nfsd |
2049 |
Network File System Daemon over UDP (earlier versions of NFS) |
|
ntp-udp |
123 |
Network Time Protocol (UDP) |
|
pcANYWHERE-stat |
5632 |
PCs remote access security software |
|
RADIUS |
1645 |
Remote Authentication Dial-In User Service |
|
RADIUS-ACCOUNTING |
1646 |
Remote Authentication Dial-In User Service accounting |
|
RainWall_Daemon |
6372 |
RainWall daemons communication |
|
RainWall_Status |
6374 |
RainWall remote management status |
|
RainWall_Stop |
6373 |
RainWall monitoring |
|
RDP |
259 |
Check Point VPN-1 FWZ Key Negotiations - Reliable Datagram Protocol |
|
rip |
520 |
Routing Information Protocol |
|
RIPng |
521 |
Routing Information Protocol for IPv6 |
|
securid-udp |
5500 |
Token based Authentication service (UDP) |
|
sip |
5060 |
Session Initiation Protocol |
|
snmp |
161 |
Simple Network Management Protocol |
|
SWTP_Gateway |
9281 |
VPN-1 Embedded/SofaWare commands |
|
SWTP_SMS |
9282 |
VPN-1 embedded / SofaWare Management Server (SMS) |
|
syslog |
514 |
UNIX syslog Protocol |
|
TACACS |
49 |
Terminal Access Controller Access Control System over UDP |
|
tftp |
69 |
Trivial File Transfer Protocol |
|
time-udp |
37 |
Time Server Protocol (UDP) |
|
tunnel_test |
18234 |
Check Point tunnel testing application |
|
udp-high-ports |
>1023 |
UDP Ports 1024-65535 |
|
VPN1_IPSEC_encapsulation |
2746 |
Check Point VPN-1 SecuRemote IPSEC Transport Encapsulation Protocol |
|
wap_wdp |
9200 |
Wireless Datagram Protocol: a simplified protocol suitable for low bandwidth mobile stations enables a connectionless mode. |
|
wap_wdp_enc |
9202 |
Wireless Datagram Protocol with Wireless Transport Layer Security |
|
wap_wtp |
9201 |
Wireless Transaction Protocol: a simplified protocol suitable for low bandwidth mobile stations enables a connection mode. |
|
wap_wtp_enc |
9203 |
Wireless Transaction Protocol with Wireless Transport Layer Security |
|
who |
513 |
UNIX who Protocol |
ICMP Services
The names of the predefined ICMP services in TOS are:
|
Service Name |
Type |
|---|---|
|
dest-unreach |
3 |
|
echo-reply |
0 |
|
echo-request |
8 |
|
info-reply |
16 |
|
info-req |
15 |
|
mask-reply |
18 |
|
mask-request |
17 |
|
param-prblm |
12 |
|
redirect |
5 |
|
source-quench |
4 |
|
time-exceeded |
11 |
|
timestamp |
13 |
|
timestamp-reply |
14 |
Other Services
The names of the other predefined services in TOS are:
|
Service Name |
IP Protocol |
Comment |
|---|---|---|
|
AH |
51 |
IPSEC Authentication Header Protocol |
|
egp |
8 |
Exterior Gateway Protocol |
|
ESP |
50 |
IPSEC Encapsulating Security Payload Protocol |
|
FW1_Encapsulation |
94 |
Check Point VPN-1 SecuRemote FWZ Encapsulation Protocol |
|
ggp |
3 |
Gateway-to-Gateway protocol |
|
gre |
47 |
Generic Route Encapsulation Protocol |
|
icmp-proto |
1 |
Internet Control Message Protocol |
|
igmp |
2 |
Internet Group Management Protocol |
|
igrp |
9 |
Cisco Interior Gateway Routing Protocol |
|
IP_Mobility |
55 |
IP Mobility protocol |
|
ospf |
89 |
Open Shortest Path First Interior GW Protocol |
|
PIM |
103 |
Protocol-Independent Multicast |
|
SIT |
41 |
IPv6 encapsulated in IPv4 |
|
Sitara |
109 |
Sitara Networks Protocol (SpeedSeeker) |
|
SKIP |
57 |
IPSEC Simple Key Management for Internet Protocols |
|
SUN_ND |
77 |
Sun ND protocol |
|
SWIPE |
53 |
swIPe protocol |
|
vrrp |
112 |
Virtual Router Redundancy Protocol |
|
other |
0-255 |
for Service Names not listed above |
