Question

What ports are used by FTK, Lab, Enterprise, FTK Plus, and FTK Central?

 

Answer

ProductSource ComponentDestination ComponentPort
AllDistributed Processing ManagerCase/Evidence/Job Storage445
AllDistributed Processing EngineCase/Evidence/Job Storage445
AllForensic Tools ServiceCase/Evidence/Job Storage445
Enterprise
FTK Central
Site ServerNetwork Share Endpoints445
Enterprise
FTK Central
Site ServerOn-Network Agents39991
Enterprise
Enterprise Examiner
On-Network Agents
39991
Enterprise
FTK Plus
FTK Central
End UsersForensic Tools Service44431
FTK Plus
FTK Central
FTK Central ServiceCollab19876
AllDistributed Processing EngineDistributed Processing Manager34096
AllForensic Tools ServiceDistributed Processing Manager34096
AllDistributed Processing ManagerDistributed Processing Engine34097
Enterprise
FTK Central
FTK Central ServiceRoot Site Server543211
Enterprise
FTK Central
Child Site ServerParent Site Server545451
Enterprise
FTK Central
Parent Site ServerChild Site Server545451
Enterprise
FTK Central
Off-network AgentsPublic Site Server545451
AllDistributed Processing ManagerMSSQL1433, MSDTC2
AllDistributed Processing EngineMSSQL1433, MSDTC2
AllForensic Tools ServiceMSSQL1433, MSDTC2
Enterprise
FTK Central
Forensic Tools ServiceCloud ConnectorsVarious

 

User-configurable.

You may need to manually set exceptions for ports 135 (DTC) and 1024-65535 (DCOM) if allowing MSDTC by application doesn't work.  You can restrict the firewall rules to just the involved server's IPs.