Why port 445 to all endpoints

  • Question

  • I am looking at the port requirements for ATA and I see under Gateway it says 

    Netlogon (SMB, CIFS, SAM-R) TCP and UDP 445

    All devices on network


    There is a mention down below that some of the ports that are requested out to all devices on the network are used to draw the lateral movement path graph. Is this one of the ports that is doing that? Or is there another reason why it needs to be done?

    Tuesday, July 10, 2018 1:57 PM


  • Hello,

    Just as the doc introduced, ATA Gateway needs to use the SAM-R to build the lateral movement path graph. The port 445 should be included in network logon.

    Best regards,

    Andy Liu


    Wednesday, July 11, 2018 7:46 AM