Deployment Guide
v5.0
Search this version
Deployment Guide
Deployment Guide
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Communication Ports and Protocols
Copy Markdown
Open in ChatGPT
Open in Claude
- Client → Manager UI
HTTPS (TCP 443) – Secure web access to the MetaDefender NDR Manager UI and API through the front-envoy HTTPS service. TLS 1.3 only.
- Sensor ↔ Manager
Secure outbound-initiated TLS 1.3 communication channel from the Sensor to the Manager (default TCP 443, configurable). Used for policy push, configuration sync, command execution, health checks, certificate lifecycle management, and real-time event streaming from the Unix socket.
- All traffic is mutually authenticated and encrypted end-to-end using TLS 1.3 and mTLS where applicable.
| Port | Protocol | Exposed to | Purpose |
|---|---|---|---|
| 443 | TCP | Users / UI / API clients | Main NDR UI and API access through front-envoy HTTPS |
| 8443 | TCP | Sensors | Sensor enrollment TLS endpoint on manager |
| 9443 | TCP | Sensors | Sensor mTLS API endpoint for work polling, configuration updates, bundle delivery, and certificate lifecycle management |
| 9094 | TCP | Sensors | External Kafka SSL/mTLS ingest for Suricata and sensor event streaming |
| 4317 | TCP | Sensors | OTLP gRPC telemetry from the sensor-side OpenTelemetry agent to the platform OpenTelemetry collector443 |
VariableType to search · ESC to discard
GlossaryType to search · ESC to discard
InsertType to search · ESC to discard
No matches
Last updated on
Was this page helpful?
Next to read:
Analysis Methods Performed by Sensorsnull
Discard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message