Local ports and URL access

To implement certain features, the security software installed on the computers on the network uses these listening ports:

TCP port 18226: Used by computers with the cache role on all network interfaces. See Cache role.
TCP port 21226: Used by computers with the cache role to request the files to download on all network interfaces. See Cache role.
TCP port 3128: Used by computers with the proxy role on all network interfaces. See Panda proxy role.
UDP port 21226: Used by computers with the discovery computer role on all network interfaces. See Discovery computer role
TCP port 33000: Used by computers that make a VPN connection to the Firebox on all network interfaces, and for communication between computers. See Network Access Enforcement and Endpoint Access Enforcement settings.
UDP port 35621: Used by the protection module on the localhost interface.

UDP port 21226: Used by computers with the discovery computer role on all network interfaces. See Discovery computer role
TCP port 4575: Used by the protection module on the localhost interface.
TCP port 8310: Used by the protection module on the localhost interface.
TCP port 5560: Internal process communication on the localhost interface.
TCP port 33000: Used by computers that make a VPN connection to the Firebox on all network interfaces, and for communication between computers. See Network Access Enforcement and Endpoint Access Enforcement settings.

UDP port 21226: Used by computers with the discovery computer role on all network interfaces. See Discovery computer role
TCP port 33000: Used by computers that make a VPN connection to the Firebox on all network interfaces. See Network Access Enforcement.
TCP port 4575: Used by the protection module on the localhost interface.
TCP port 8310: Used by the protection module on the localhost interface.
TCP port 5560: Internal process communication on the localhost interface.
TCP port 33000: Used by computers that make a VPN connection to the Firebox on all network interfaces, and for communication between computers. See Network Access Enforcement and Endpoint Access Enforcement settings.

You can access the management console with the latest version of these browsers:

For Panda Adaptive Defense 360 to work correctly, the protected computers must be able to access these URLs.

Product name	URLs
Panda Adaptive Defense 360	https://.pandasecurity.com Downloading of installers, the generic uninstaller, and policies. Agent communications (registration, configuration, tasks, actions, status, real-time communications). Communications between the protection and Collective Intelligence. Downloading of signature files on Android systems. http://.pandasecurity.com Downloading of signature files (on all systems except Android). https://*.windows.net URLs to send unknown files: cmg-fusmb.pandasecurity.com cmp-fusmb.pandasecurity.com cpg-fusmb.pandasecurity.com cpp-fusmb.pandasecurity.com cppi-fusmb.pandasecurity.com cppl-fusmb.pandasecurity.com cppe-fusmb.pandasecurity.com rpuws.pandasecurity.com
Root certificates	http://.globalsign.com http://.digicert.com http://*.sectigo.com
Web filtering	https://rp.cloud.threatseeker.com https://wg.cloud.threatseeker.com
Panda Data Control	https://pandasecurity.devo.com
Panda Patch Management	https://content.ivanti.com https://application.ivanti.com https://stlicense.ivanti.com https://help.ivanti.com https://license.shavlik.com
Activity testing	For Windows protection versions higher than 8.00.16. http://proinfo.pandasoftware.com/connectiontest.html For connectivity tests: http://*.pandasoftware.com
Network attack protection	https://cpg-nap.pandasecurity.com/nap/buffer https://cpp-nap.pandasecurity.com/nap/buffer
Service access URLs

For a complete list of the URLs that must be accessible to the network computers that receive patches or have the cache/repository role, see this support article: https://www.pandasecurity.com/uk/support/card?id=700044.