LogoLogo
LearnDocumentationSupportCommunity
Version 6.30
Version 6.30
  • Welcome
  • Nexthink V6
  • Overview
    • Software components
    • Collector
    • Finder
    • Engine
    • Portal
    • Nexthink Library
    • Digital Experience Score
  • Installation and configuration
    • Planning your installation
      • Overview of the installation process
      • Hardware requirements
      • Connectivity requirements
      • Software requirements
      • Reference architectures
    • Installing Portal and Engine Appliances
      • Installing the Appliance
      • Installing the Appliance on Azure
      • Installing the Appliance on AWS
      • Installing the Appliance on OTC
      • Managing Appliance accounts
      • Setting the names of the Portal
      • Setting the names of the Engines
      • Specifying your internal networks and domains
      • Federating your Appliances
      • STIG compliance in Web Console
      • Connecting the Portal to the Engines
      • Configuring session performance storage
      • Configuring device performance storage
      • Setting up a software license
      • Sending email notifications from the Appliance
      • Allocating resources for the Portal
    • Installing the Collector
      • Installing the Collector on Windows
      • Installing the Collector on macOS
      • Installing the Collector for a Proof of Value
      • Assigning Collectors to Engines
      • Assignment of roaming Collectors
      • Collector MSI parameters reference table
      • Nxtcfg - Collector configuration tool
      • Inspecting the connection status of the Collector
      • Querying the status of the TCP connection of the Collector
      • Reporting the URL of HTTP web requests
      • Auditing logon events
      • Viewing user interactions in virtualized and embedded environments
      • Engage notifications on macOS
      • Configuring Collector level anonymization
    • Collector remote connectivity
      • Redirecting and anonymizing Collector traffic
      • Redirecting the Collector TCP channel
      • Support for DirectAccess
      • Windows Collector proxy support
      • Mac Collector proxy support
    • Installing the Event Connector
      • Installing the Event Connector on Linux
    • Installing the Finder
      • Installing the Finder on Windows
      • Enabling Cross-Engine Finder features
      • Expanding the time frame of investigations in the Finder
      • Enabling Finder access to the Library
      • Finder proxy support
    • Updating from V6.x
      • Updating the Appliance
      • Content centralization when updating the Appliance
      • Updating the Collector
      • Viewing Collector deprecated fields
      • Updating the Finder
    • Security and user account management
      • Importing and replacing certificates
      • Hierarchizing your infrastructure
      • Adding users
      • Enabling SAML authentication of users
      • Just-In-Time provisioning of user accounts
      • Enabling Windows authentication of users
      • Multi-factor authentication for local accounts overview
      • Provisioning user accounts from Active Directory
      • Establishing a privacy policy
      • Disabling local accounts for interactive users
      • Setting the complexity and minimum length of passwords for local accounts
      • Protecting local accounts against brute force attacks
      • Preventing password saving in the Finder
      • Controlling session timeouts in the Portal
      • Security settings in the Appliance
      • Setting the Do Not Disturb periods between campaigns
    • Data retrieval and storage
      • Data retention
      • Increasing the maximum number of metrics
      • Establishing a data retention policy in the Engine
      • Storing Engine data in a secondary disk drive
      • Importing data from Microsoft Active Directory
      • Setting the locale in the Portal
      • Changing the Time Zone of the Portal
      • Time Zones and data collection
      • Changing the data collection time of the Portal
      • Nightly task schedules timetable
      • Changing the thresholds of High CPU warnings
      • Automatic restart of unresponsive Engine
    • Maintenance operations
      • Logging in to the CLI
      • Special operation modes for the Engine and the Portal
      • Changing the default ports in the Appliance
      • Centralized Management of Appliances and Engines
      • Monitoring the performance of the Appliance
      • Resizing partitions in Appliance
      • Configuring the system log
      • Examining the logs in the Portal
      • GDPR - Retrieving or anonymizing personal data
      • Finding out unlicensed devices
      • Removing devices
      • Installing third-party software in the Appliance
      • Installing VMware Tools in the Appliance
      • Operational data sent to Nexthink
      • Sending additional data to Support
    • Disaster recovery
      • Planning for disaster recovery
      • Web Console backup and restore
      • Engine backup and restore
      • Portal backup and restore
      • Rule-based assignment backup and restore
      • License backup and restore
      • PKI backup and restore
    • Branding
      • Branding the Portal
      • Branding of campaigns
  • User manual
    • Getting started
      • Logging in to the Finder
      • Logging in to the Portal
      • Enabling STIG in Webconsole
    • Querying the system
      • Searching the subject of interest
      • Executing an investigation
      • Creating an investigation
      • Editing the options of an investigation
      • Combining logical conditions in investigations
      • Navigating through the results of an investigation
      • Properties of users and devices
    • Visualizing system activity in the Finder
      • Getting a quick overview
      • Graphically observing the activity of users and devices
      • Observing service performance
      • Viewing network connections
      • Viewing web requests
      • Viewing executions
    • Monitoring IT custom metrics
      • Creating a metric
      • Examples of metrics
      • Session performance
      • Device performance
      • Following the evolution of a metric
      • Finding the visuals of a metric
    • Monitoring IT services
      • Analyzing service quality
      • Creating a service
      • Following the evolution of a service
      • Specifying URL paths of web-based services
    • Engaging with the end user
      • Getting feedback from the end users
      • Types of campaigns
      • Creating a campaign
      • Editing a campaign
      • Types of questions
      • Controlling the flow of questions
      • Translating a campaign
      • Triggering a campaign manually
      • Limiting the reception rate of campaigns
      • Scrutinizing the results of a campaign
      • Continuously measuring the satisfaction of employees
    • Rating devices and users with scores
      • Computing scores
      • Creating a score
      • Checking and comparing ratings
      • Computing potential savings
      • Score XML Reference
      • Documenting scores
    • Remotely acting on devices
      • Scenarios for remote actions
      • Creating a remote action
      • Executing remote actions
      • Triggering a remote action manually
      • Writing scripts for remote actions on Windows
      • Writing scripts for remote actions on Mac
      • Example of self-healing scenario
      • Example of self-help scenario
      • Application control and remote actions
    • Organizing objects with categories
      • Classifying objects of the same type
      • Creating categories and keywords
      • Tagging objects manually
      • Tagging objects automatically
      • Importing tags from text files
    • Getting notified by the system
      • Receiving Engage campaigns
      • Receiving email digests
      • Receiving alerts
      • Creating a service-based alert
      • Creating an investigation-based alert
    • Building web-based dashboards
      • Introducing dashboards in the Portal
      • Creating a dashboard
      • Examining metrics in depth
      • Documenting dashboards
      • Assessing license use
      • Computing dashboard data
      • Reusing dashboard content
    • Importing and exporting authored content
      • Methods for reusing authored content
      • Manually sharing Finder content
      • Importing a content pack
      • Conflict resolution
      • Exporting a content pack
  • Library packs
    • Compliance
      • Device Compliance
    • Configuration Manuals
      • Overview (Configuration Manuals)
      • Installing A New Version Of A Library Pack
    • Digital Employee Score (DEX score)
      • DEX Score Installation And Configuration
      • Detailed Library Pack Changelog
    • Device management
      • Reduce logon duration
      • Group Policy Management
      • Hardware Asset Renewal
      • Hardware Asset Renewal Advanced
      • Application Auto-Start Impact
    • Remote Employee Experience
      • Remote Worker Experience
      • Home Networking
      • Change Log And Upgrade Process
      • Remote Worker Vs Office Worker Device Category
      • Remote Worker Insights
      • DEX V2 Upgrade Of Remote Worker
    • Persona Insight
      • Persona Insight - Overview
      • Persona Insight - Library Pack
      • Persona Insight - Score Only Pack
      • Persona Insight - Without Campaign pack
      • Persona Insight - Getting Started and Upgrade Procedure
      • Persona Insight - Configuration Guide
      • Persona Insight - Troubleshooting - Multiple devices on multiple engines
      • Persona Insight - Reference Guide
      • Persona Insight - Example Pack
      • Persona Insight - Device Sizing
        • Persona Insight - Device Sizing Overview
        • Persona Insight - Device Sizing Configuration
      • Persona Insight - Application Sizing
        • Persona Insight - Application Sizing Overview
        • Persona Insight - Application Sizing Configuration
      • Legacy Persona documentation
        • Persona Insight - Library Pack (V.1.0.0.0)
        • Persona Insight - Base Pack
        • Persona Insight - Base Pack Advanced
        • Persona Insight - Customization Guide (V1.0.0.0)
        • Persona Insight - Configuration Guide (V1.0.0.0)
        • Persona Insight - Reference Guide (V1.0.0.0)
    • GSuite
      • GSuite: Health
      • GSuite: Services
      • GSuite: Sentiment
      • GSuite: Advanced Health
    • Support
      • Support: Level 1
    • Shadow IT
      • Shadow IT
    • Malware Protection
      • Malware Protection
    • Office 365 Health
      • Office 365 Health: Overview
      • Office 365 Health: Services
    • Office 365 OneDrive
      • OneDrive Summary
      • OneDrive Operations
      • OneDrive Advanced Health
      • OneDrive Migration
      • OneDrive Sentiment
      • OneDrive Management
      • OneDrive Advanced Operations
    • Office 365 Teams
      • Teams Overall Configuration
      • Teams - Migration
      • Teams - Health
      • Teams - Advanced Health
      • Teams - Adoption
    • Microsoft 365 Apps
      • Microsoft 365 Apps - Operate
    • Employee Self Service
      • Overview
      • Configuration
      • Usage
    • Onboarding Experience Management
      • OEM - Overview
      • OEM - Configuration
    • Office 365 Outlook
      • Outlook Troubleshooting
    • Virtualization
      • Virtualization: Operate
      • Virtualization: AVD - Advanced
      • Virtualization: Citrix Advanced
      • Virtualization: Project
      • Virtualization: Troubleshooting
        • Virtualization: Troubleshooting: Configuration
    • Windows
      • Win10: Configuration
      • Win10: Migration
      • Win10: Feature Update
      • Win10: Quality Update
      • Windows Defender Management
      • Administrators Management
    • Windows 11
      • Windows 11 - Readiness
      • Windows 11 - Migration Pilot
      • Windows 11 - Migration
      • Windows 11 - Operate
    • Webex
      • Webex Operate
    • Zoom
      • Zoom Operate
    • Remote Actions
      • Get Performance Monitor Data
      • Skype For Business
      • Restart Device
      • Upload Logs to S3 using PreSigned URLs
    • Software Asset Optimization
    • Collaboration Optimization
      • Collaboration Optimization - Solution Overview
      • Collaboration Optimization - Configuration
      • Collaboration Optimization - Usage / Troubleshooting
    • Systems Management
      • Manage Configuration Drift
      • MS ConfigMgr - Client Health
        • MS ConfigMgr - Client Health - Summary
        • MS ConfigMgr - Client Health - Configuration Guide
      • Intune
        • Intune - Health
          • Intune - Health - Summary
          • Intune - Health - Configuration Guide
    • Return to the office
      • Return to the office - Planning
      • Return to the office - Readiness
    • Green IT
      • Green IT - Overview
      • Green IT - Configuration Guide
    • Hybrid Working
      • Hybrid Working Experience
      • Hybrid Working Experience - Installation and upgrade procedure
  • Integrations
    • Nexthink ServiceNow Service Graph Connector
      • Overview
        • Roles and Permissions
        • Modules
      • Installation and Configuration Guide
        • Pre-requisites
          • Configure Identification Rules
          • Import and setup the CMDB categories in Finder
        • Setup
          • Configure the connection
          • Configure import properties
          • Configure additional engines
          • Set up scheduled import jobs
      • Data transformation and mapping by default
      • How to customize the behaviour of the Connector
      • FAQ
        • Why ServiceNow Service Graph Connector?
        • What about Nexthink CMDB Connector?
        • Why is the name the primary key for the devices?
      • Troubleshooting
        • IRE identification issues
          • [No Choice found in the sys_choice table for the target table](integrations/nexthink-servicenow-service-graph-connector/troubleshooting/ire-identification-issues/ no-choice-found-in-the-sys_choice-table-for-the-target-table.md)
          • Identification rules not created
          • Discovery_source choice not created
        • Timeout Errors
          • ECCResponseTimeoutException
          • HTTP 0 error
        • MID server issues
          • java.lang.NullPointerException
          • MID Server memory issues
          • Not trusted certificates in Quebec release
        • Configure credentials issues
          • [Not allowing update of property authentication_choice](integrations/nexthink-servicenow-service-graph-connector/troubleshooting/configure-credentials-issues/ not-allowing-update-of-property-authentication_choice.md)
          • Invalid username/password combo (HTTP 401/403)
        • Configure Engines Issues
          • [The client secret supplied for a confidential client is invalid](integrations/nexthink-servicenow-service-graph-connector/troubleshooting/configure-engines-issues/ the-client-secret-supplied-for-a-confidential-client-is-invalid.md)
        • No Cis imported and no errors found in the log
    • Nexthink ServiceNow Incident Management Connector (IMC)
      • Installation and configuration guide (IMC)
      • Troubleshooting Guide (IMC)
      • Domain separation installation (IMC)
    • Nexthink ServiceNow CMDB Connectors
      • Installation and Configuration Guide
      • Troubleshooting Guide
      • Field transformation and normalisation examples
    • Nexthink Event Connector
      • High level overview
      • Installation and Configuration Guide
      • Troubleshooting guide
      • RPM installation
      • Splunk specific documentation
        • Upgrading from Splunk Connector to Event Connector
        • Splunk add-on installation and usage
    • Nexthink Chatbot SDK
      • Introduction and concepts
      • Installation, configuration and update guide
        • Installation and configuration
        • Update to newer version
        • Uninstallation
        • Authentication
        • Topics configuration
        • Remote action configuration
        • Advanced configuration
        • Additional resources and references
      • Dimensioning guide
      • Troubleshooting
      • Technical solution description
      • Downloads and release notes
  • Glossary and references
    • Search and information display
      • Search in Finder
      • Keyboard shortcuts for column display selection
      • Campaign display compatibility
      • Real-time and consolidated service data
      • Service errors and warnings
      • Errors and warnings for devices and executions
      • Types of widgets
      • Widget compute state in charts
      • Errors in the execution of remote actions
      • Top results of Cross-Engine investigations
      • Engine data history
    • Tooltips in the user and device views
      • Alerts tooltips
      • Warnings tooltips
      • Errors tooltips
      • Activity tooltips
      • Services tooltips
    • Database information and organization
      • Maximum supported values
      • Local and shared content
      • Device Identification
      • Local IP address of devices
      • Timestamping of events
      • Boot and logon duration
      • Application startup duration
      • Application not responding events
      • Memory and CPU usage
      • Status of TCP connections
      • Status of UDP connections
      • Network and port scan conditions
      • Binary paths
      • Maximum number of Binaries
      • Package Executable Mapping
      • Metro apps
      • Investigation with packages
      • Portal aggregation and grouping
      • Focus time metric
    • Security
      • Access rights and permissions
      • Active Directory authentication
      • Canonical domain names for Windows authentication
      • System alerts
      • Audit trail
      • Appliance hardening
      • STIG hardening
      • FIPS 140-2 compliance
      • Security bulletins
        • Is Nexthink affected by Okta breach
        • Is Nexthink affected by SolarWinds breach
        • Nexthink and Log4j - Security bulletin
        • CVE-2022-22965 - Security Vulnerability Spring4shell - Spring Framework
        • Version 6.22.2.10: Security Vulnerability Maintenance Release
        • The Collector V6.27.X Release – Security Bulletin
    • References
      • Components of the Collector
      • Server support
      • Compatibility mode
    • Glossary
      • Activity
      • Alert
      • Application
      • Binary
      • Campaign
      • Category
      • Connection
      • Dashboard
      • Destination
      • Device
      • Domain
      • Entity
      • Event
      • Executable
      • Execution
      • Focus time
      • Hierarchy
      • Installation
      • Investigation
      • Keyword
      • Metric
      • Module
      • Object
      • Package
      • Platform
      • Port
      • Printer
      • Score
      • Service
      • Session
      • System boot
      • User
      • User logon
      • Web request
      • Widget
  • API and integrations
    • Integrating with Nexthink
      • Event Connector
      • Getting data through the NXQL API
      • Bidirectional integration with the Finder
      • Count metrics API
      • Software metering API
      • Services API
      • List Engines API
      • GetSID API
      • Triggering campaigns via their API
      • Triggering remote actions via their API
      • Audit trail API
      • Integrating investigation-based alerts
      • Downloads
    • NXQL API
      • Introducing the NXQL API
      • NXQL Tutorial
      • NXQL language definition
      • NXQL Data Model
    • Integrations
      • Excel integration with NXQL
      • Power BI
      • Azure Data Lake Storage Gen2
      • Splunk Event Connector
    • ServiceNow
      • CMDB Connector
      • Incident Management Connector
      • Event Management

© Nexthink

  • Privacy policy
  • Responsible Disclosure Policy
On this page
  • Overview
  • Common connections of CentOS-based Appliance
  • Common connections of Oracle Linux-based Appliance
  • Connections between Portal, Engine and other components
  • Connections required for rule-based Collector Assignment
  • Engine
  • Portal
  • Local License Manager
  • Mobile Bridge
  • Finder
  • Collector

Was this helpful?

  1. Installation and configuration
  2. Planning your installation

Connectivity requirements

Last updated 1 month ago

Was this helpful?

Overview

Find the connectivity requirements of every Nexthink product in the reference tables below. You can configure some of the products to use either a secure or a non-secure channel for specific services (see the column Reason). Depending on their configuration, note that you may require to allow connections through a different port number.

Starting from V6.19, if rule-based Collector assignment is turned on, the TCP channel of the Collector also connects to the Portal. Collectors use this connection to ask for their assigned Engine. From V6.20 on, if you change the default port number of the Collector TCP channel, .

Starting from V6.21, the Collector no longer requires a separate UDP channel to send end-user analytics to the Engine. Instead, end-user analytics, as well as coordination data and updates, may be optionally transmitted through the TCP channel. If you change the default port numbers that the Collector uses for communicating with the Engine, . Starting from V6.24, the default is to use TCP port 443 for all Collector communications in on-premises setups, although the use of a custom TCP port (default 8443) and the UDP channel are still allowed.

For each connection, the tables indicate the transport protocol used. When an application protocol handles the connection over the transport layer, the name of the application protocol precedes the name of the transport protocol.

First, find in this overview two diagrams:

  • A diagram with the connections and default ports that are common to all Nexthink Appliances, regardless of the Appliance hosting the Portal, the Engine or both.

  • A diagram with the default ports of the Portal and Engine Appliances separately, as well as the connections with other components.

Common connections of CentOS-based Appliance

Common connections of Oracle Linux-based Appliance

Connections between Portal, Engine and other components

Connections required for rule-based Collector Assignment

The connectivity between Engines through TCP and UDP ports 8301 is optional, as the consensus protocol behind rule-based Collector assignment uses these connections to implement a feature that is actually not required by Collector assignment. If communication through TCP and UDP ports 8301 is blocked between Engines (by internal firewalls, for instance), the underlying consensus protocol will write failed connection messages to its log file:

/var/nexthink/nxconsul/logs/nxconsul.log

You can safely ignore these error messages.

Engine

In the following table, we describe the different ports that must be open on the Engine appliance to communicate seamlessly with the other Nexthink components and with standard network services.

Port Number
Protocol
Direction (IN/OUT)
Reason
Domains

22

SSH / TCP

IN

Secure shell connection to the CLI

SSH / TCP

IN OUT

Appliance federation

25

SMTP / TCP

OUT

Mail server for notifications

53

DNS / UDP

OUT

Resolving destination names by reverse IP

99

HTTPS / TCP

IN

Administration through the Web Console

123

NTP / UDP

OUT

Time synchronization

  • For CentOS-based appliances:

0.centos.pool.ntp.org

1.centos.pool.ntp.org

2.centos.pool.ntp.org

  • For Oracle Linux-based appliances:

0.pool.ntp.org

1.pool.ntp.org

2.pool.ntp.org

3.pool.ntp.org

389

LDAP / TCP

OUT

Connection to Active Directory (non-secure)

443

WebSocket / TCP

IN

Collector TCP channel to the Engine (on-premises default)

WebSocket / TCP

IN

User connection from the Finder (Nexthink Cloud only)

HTTPS / TCP

IN

Audit Trail API connection from the Portal

HTTPS / TCP

IN

Access to the Web API

Only for Engines on the Nexthink Cloud

HTTPS / TCP

OUT

Connection to the Application Library

application‑library‑v5.nexthink.com

application‑library‑v6.nexthink.com

HTTPS / TCP

OUT

Connection to automatic updates

  • For CentOS-based appliances:

updates‑v6.nexthink.com

updates‑centos‑v6.nexthink.com

  • For Oracle Linux-based appliances:

updates-v6-el8.nexthink.com

636

LDAPs / TCP

OUT

Connection to Active Directory (secure)

999

UDP

IN

Optional: Collector analytics

TCP

IN

User connection from the Finder (on-premises only) or the Portal

1671

HTTPS / TCP

IN

Access to the Web API

Only for Engines on-premises (V6.X)

7000 7001 7002 7003

TCP

OUT

Communication channels with the Portal

8300

TCP

IN OUT

Communication with Portal for Collector assignment

8301

TCP & UDP

IN OUT

Communication with Portal and peer Engines for Collector assignment

8443

WebSocket / TCP

IN

Collector default custom / Nexthink Cloud TCP channel to the Engine

10402

TCP

OUT

Additional communication with Portal for Collector assignment

11031

HTTPS / TCP

OUT

Communication with the Mobile Bridge

Portal

In the following table, we describe the different ports that must be open in the Portal appliance to communicate seamlessly with the other Nexthink components.

Port Number
Protocol
Direction (IN/OUT)
Reason
Domains

22

SSH / TCP

IN

Secure shell connection to the CLI

SSH / TCP

IN OUT

Appliance federation

25

SMTP / TCP

OUT

Mail server for notifications

53

DNS / UDP

OUT

Lookup name of AD servers

80

HTTP / TCP

IN

Access to the Portal (non-secure)

88

TCP & UDP

OUT

Kerberos authentication of AD users

99

HTTPS / TCP

IN

Administration through the Web Console

HTTPS / TCP

OUT

Centralized administration of the Engine

123

NTP / UDP

OUT

Time synchronization

  • For CentOS-based appliances:

0.centos.pool.ntp.org

1.centos.pool.ntp.org

2.centos.pool.ntp.org

  • For Oracle Linux-based appliances:

0.pool.ntp.org

1.pool.ntp.org

2.pool.ntp.org

3.pool.ntp.org

389

LDAP / TCP

OUT

Connection to Active Directory (non-secure)

443

HTTPS / TCP

IN

Access to the Portal (secure)

WebSocket / TCP

IN

User connection from the Finder

WebSocket / TCP

IN

Collector TCP channel to the Portal (on-premises default)

HTTPS / TCP

IN

Installation and updates of the Finder from the Portal

Portal address

HTTPS / TCP

IN

Portal address

HTTPS / TCP

OUT

Connection to the Online License mechanism

license.nexthink.com

HTTPS / TCP

OUT

Connection to the Application Library

application‑library‑v5.nexthink.com

application‑library‑v6.nexthink.com

HTTPS / TCP

OUT

Connection to automatic updates

  • For CentOS-based appliances:

updates‑v6.nexthink.com

updates‑centos‑v6.nexthink.com

  • For Oracle Linux-based appliances:

updates-v6-el8.nexthink.com

636

LDAPs / TCP

OUT

Connection to Active Directory (secure)

999

TCP

OUT

Connection to the Engine

7000 7001 7002 7003

TCP

IN

Communication channels with the Engine

8100

HTTP / TCP

OUT

Send license information to Local License Manager

8300

TCP

IN OUT

Communication with Engines for Collector assignment

8301

TCP & UDP

IN OUT

Communication with Engines for Collector assignment

8443

WebSocket / TCP

IN

Collector default custom / Nexthink Cloud TCP channel to the Portal

10402

TCP

IN

Additional communication with Engines for Collector assignment

You can only connect to alib.nexthink.com when you use at least one of the following components in your environment:

  • Having the optional licensed component Customer Success Program

Local License Manager

The Local License Manager resides in the same machine as the Portal.

Port Number
Protocol
Direction (IN/OUT)
Reason

8100

HTTP / TCP

IN

Get license information from the Portal

Mobile Bridge

The Mobile Bridge needs to connect to the Exchange CAS to get mobile information. In turn, it offers a REST interface for the Engine to use to retrieve the collected information.

Port Number
Protocol
Direction (IN/OUT)
Reason

80

HTTP / TCP

OUT

Communication with Exchange (non-secure)

443

HTTPS / TCP

OUT

Communication with Exchange (secure)

11031

HTTP / TCP

IN

REST interface for the Engine

Finder

In the following table, we describe the different ports that must be opened on the computers running the Finder to communicate seamlessly with the other Nexthink components.

Port Number
Protocol
Direction (IN/OUT)
Reason
Domains

25

SMTP / TCP

OUT

Send email in case of error

HTTPS / TCP

OUT

Connection to the documentation website

doc.nexthink.com

443

WebSocket / TCP

OUT

User connection to the Portal

WebSocket / TCP

OUT

User connection to the Engine (Nexthink Cloud only)

HTTPS / TCP

OUT

Installation and updates of the Finder from the Portal

Portal address

HTTPS / TCP

OUT

Support telemetry

HTTPS / TCP

OUT

Connection to the Library

library.nexthink.com

999

TCP

OUT

User connection to the Engine (on-premises only)

You can only connect to alib.nexthink.com when you use at least one of the following components in your environment:

  • Having the optional licensed component Customer Success Program

Collector

In the following table, we describe the different ports that must be opened on the computers running the Nexthink Collector to send data seamlessly with the Nexthink Engine.

Port Number
Protocol
Direction (IN/OUT)
Reason

999

UDP

OUT

Optional: Collector UDP channel to the Engine

443

WebSocket / TCP

OUT

Collector default (on-premises) TCP channel to the Engine and, if rule-based Collector assignment is turned on, to the Portal

8443

WebSocket / TCP

OUT

Collector default custom / Nexthink Cloud TCP channel to the Engine and, if rule-based Collector assignment is turned on, to the Portal

Applies to platforms | Windows | macOS |

In addition, starting from V6.19, Windows Collector components call a Windows API method once every 24 hours that triggers a connection for client to domain controller operations through TCP port 135. Ephemeral TCP ports in the range 49152-65535 are used for service response.

Applies to platforms | Windows |


RELATED TASKS

RELATED REFERENCE

Starting from V6.19, the following additional connections are required if the is turned on. before activating the rule-based Collector assignment. The Collector assignment feature does not work when Portal and Engine are installed on the same Appliance.

alib.nexthink.com See note below table

Enabling

alib.nexthink.com See note below table

Enabling

rule-based Collector assignment
Federate your appliances
Federating your Appliances
Changing the default ports in the Appliance
ℹ️
ℹ️
API of remote actions
Nexthink Cloud Intelligence
Nexthink Cloud Intelligence
modify accordingly the port number where the Portal is listening
change as well the default port numbers in the Engine through the Web Console
620px-ApplianceCommonPorts-cos7.png
620px-ApplianceCommonPorts-ol8.png