UDP Port 500 is used for ISAKMP key exchange between firewalls or between a firewall and a host running Secure Client.
TCP Port 900 is used by FireWall-1's HTTP Client Authentication mechanism.
UDP Port 2746 is used for UDP Encapsulation Mode.
TCP Port 18183 is used for SAM (Suspicious Activity Monitoring, for intrusion detection).
TCP Port 18184 is used for Log Export API (lea) .
TCP Port 18207 is used to log onto the Policy Server for Secure Client.
TCP Port 18208 is used for Check Point's Remote Installation Daemon.
TCP Port 18181 is used for CVP (Content Vectoring Protocol, for anti-virus scanning).
TCP Port 18182 is used for UFP (URL Filtering Protocol, for WebSense and the like).
TCP Port 256 is used Exchange of CA and DH keys in FWZ and SKIP encryption between two FireWall-1 Management Consoles。Or When installing a policy, the management console uses this port to push the policy to the remote firewall.
TCP Port 257 is used by a remote firewall module to send logs to a management console.
TCP Port 259 is used for Client Authentication.
UDP Port 259 is used in FWZ encryption to manage the encrypted session (SecuRemote and FireWall-1 to FireWall-1 V.P.Ns).
UDP Port 260 and UDP Port 161 are used for the SNMP daemon that Check Point FireWall-1 Provides