# Secure Communication between Endpoint Central Server and WAN Agents

## How to secure communication between WAN agents and Endpoint Central Server?

### Description

This document will explain you the steps involved in securing the communication between the Endpoint Central server and WAN agents which are installed in various remote locations.

### Recommendation

You will have to follow the steps mentioned below:

1. Configure Endpoint Central server in such a way, that it should be reachable via public IP/FQDN address. You can also configure the Edge Device/Router in such a way that all the request that are sent to the Public IP/FQDN address gets redirected to the Endpoint Central Server.
2. Ensure that the Endpoint Central server has permission to reach/access the Active Directory if applicable.
3. It is always recommended to use HTTPs mode for agent server communication.
4. It is recommended to secure communication for Remote Control (Tools -> Remote Control -> Settings).
5. You will have to ensure that the following ports are open on the firewall based on the features that you use.

| Port | Type  | Purpose | Connection |
|---|---|---|---|
| 8027 | TCP | To complete on-demand tasks like inventory scanning, patch scanning, remote control, remote shutdown and moving agents from one remote office to another | Inbound to Server |
| 8383 | HTTPS | For communication between the agent or distribution server and the Endpoint Central server | Inbound to Server |
| 8443 | HTTPS | For Sharing Remote Desktops | Inbound to Server |

You have now secured communication between the Endpoint Central server and the WAN agents.

[How To's](https://www.manageengine.com/products/desktop-central/how-to.html)