Port Utilization in Finesse

• Port Utilization Table Columns, on page 1• Finesse Port Utilization, on page 2

Port Utilization Table ColumnsThe columns in the port utilization tables in this document describe the following:

Listener (Process or Application Protocol)

A value representing the server or application and where applicable, the open or proprietary applicationprotocol.

Listener Protocol and Port

An identifier for the TCP or UDP port that the server or application is listening on, along with the IPaddress for incoming connection requests when acting as a server.

Remote Device (Process or Application Protocol)

The remote application or device making a connection to the server or service specified by the protocol;or listening on the remote protocol and port.

Remote Protocol and Port

The identifier for the TCP or UDP port that the remote service or application is listening on, along withthe IP address for incoming connection requests when acting as the server.

Traffic Direction

The direction that traffic flows through the port: Inbound, Bidirectional, Outbound.

• The operating system dynamically assigns the source port that the local application or service uses toconnect to the destination port of a remote device. In most cases, this port is assigned randomly aboveTCP/UDP 1024.

• For security reasons, keep open only the ports mentioned in this guide and those required by yourapplication. Keep the rest of the ports blocked.

Note

Port Utilization in Finesse1

Finesse Port UtilizationTable 1: Cisco Finesse Tomcat

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Unsecure port used for Finesseadministration console, Finesseagent and supervisor desktop,Finesse Web Services, andFinesse Desktop Modules(gadgets) with the Finessedesktop.

BidirectionalBrowserTCP 80, 8082HTTP

Secure port used for Finesseadministration console, Finesseagent and supervisor desktop,Finesse Web Services, andFinesse Desktop Modules(gadgets) with the Finessedesktop.

BidirectionalBrowserTCP 443, 8445HTTPS

Table 2: Platform Tomcat

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Unsecure port used for accessto platform administration,platform serviceability, andDisaster Recovery System.

BidirectionalBrowserUDP 8080HTTP

Secure port used for access toplatform administration,platform serviceability, andDisaster Recovery System.

BidirectionalBrowserUDP 8443HTTPS

Port Utilization in Finesse2

Port Utilization in FinesseFinesse Port Utilization

Table 3: IM and Presence Service Ports

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Connectivity testing. Uses aproprietary protocol.

Bidirectional——TCP 8500IPSecManagerdaemon

Cluster replication of platformdata (hosts) certificates and soon. Uses a proprietary protocol.

Bidirectional——UDP 8500IPSecManagerdaemon

Table 4: Platform Database

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Informix Database Software(IDS) access and replication

BidirectionalTCP 1500DBMON

DBL RPC, this is used duringinstallation to set up IDSreplication between nodes

BidirectionalIntra-Cluster communicationTCP 1515DBL RPC

Table 5: Cisco Finesse Notification Service

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Unsecure XMPP connectionbetween the Finesse server andcustom applications on the agentor supervisor desktops forcommunication over HTTP.

BidirectionalBrowser, agent desktopTCP 5222XMPP

Secure XMPP connectionbetween the Finesse server andcustom applications on the agentor supervisor desktops forcommunication over HTTPS.

BidirectionalBrowser, agent desktopTCP 5223XMPP

Unsecure BOSH connectionbetween the Finesse server andagent and supervisor desktopsfor communication over HTTP.

BidirectionalBrowser, agent desktopTCP 7071BOSH (HTTP)

Port Utilization in Finesse3

Port Utilization in FinesseFinesse Port Utilization

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Secure BOSH connectionbetween the Finesse server andagent and supervisor desktopsfor communication overHTTPS.

BidirectionalBrowser, agent desktopTCP 7443BOSH(HTTPS)

Table 6: Platform System Services

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

SFTP access for hostedthird-party gadget support

BidirectionalTCP 22SFTP

Platform CLIBidirectionalSSH clientTCP 22SSH

Network time synchronizationBidirectionalNTP serverUPD 123NTP

The platformAMC service usesthis connection to allow theRTMT tool to retrieve anddisplay platform alerts.

BidirectionalRTMT clientTCP 1090,1099

Platform AlertManager andCollector(AMC) service

Used by the RISDC platformservice. The Real-timeInformation Server (RIS)maintains real-time CiscoUnified CM information suchas device registration status,performance counter statistics,critical alarms generated, and soon. The Cisco RISDC serviceprovides an interface forapplications, such as RTMT,SOAP applications, CiscoUnified CMAdministration andAMC to retrieve the informationthat is stored in all RIS nodes inthe cluster.

BidirectionalRTMT clientTCP 2555Real-timeInformationService DataCollector(RISDC)service

DRF serviceBidirectionalPlatform Administrationwebapp

TCP 4040DisasterRecoveryFramework(DRF) MasterAgent Service

Port Utilization in Finesse4

Port Utilization in FinesseFinesse Port Utilization

Table 7: Primary and Secondary Node Communication

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

The primary and secondaryFinesse servers use this XMPPconnection to communicatewitheach other to monitorconnectivity.

BidirectionalTCP 5222XMPP

Table 8: Third-Party (External) Web Server

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Gadgets hosted on a third-party(external) web server are fetchedthrough the Finesse server onthe port exposed by said webserver.

BidirectionalTCP 80, 8082HTTP

Gadgets hosted on a third-party(external) web server are fetchedthrough the Finesse server onthe port exposed by said webserver.

BidirectionalTCP 443, 8445HTTPS

Table 9: Unified Contact Center Enterprise

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Administration & Data Server settings

Connection to the AWDB forauthentication and authorizationof agents and supervisors

BidirectionalTCP 14331JDBC (SQL)

CTI Server settings (Side A and B)

Port Utilization in Finesse5

Port Utilization in FinesseFinesse Port Utilization

NotesTrafficDirection

RemoteProtocol andPort

Remote Device (Process orApplication Protocol)

ListenerProtocol andPort

Listener(Process orApplicationProtocol)

Connection to the Agent PG forCTI Server events (such asAgents, Teams, Queues, andCall events)

BidirectionalSide A:

TCP 420271

Side B:

TCP 430271

GED-188

1The ports listed are the default ports for these connections. You can use different ports than the ones specifiedin this table.

Port Utilization in Finesse6

Port Utilization in FinesseFinesse Port Utilization