Forescout®

Ports and Protocols

Best Practices Guide

Version 2.0
Ports and Protocols Best Practices Guide

Contact Information
Forescout Technologies, Inc.
190 West Tasman Drive
San Jose, CA 95134 USA
https://www.forescout.com/support-hub/
Toll-Free (US): 1.866.377.8771
Tel (Intl): 1.408.213.3191
Support: 1.708.237.6591

About the Documentation

▪ Refer to the Resources page on the Forescout website for additional technical
documentation: https://www.forescout.com/company/resources/
▪ Have feedback or questions? Write to us at [email protected]

Legal Notice
© 2021 Forescout Technologies, Inc. All rights reserved. Forescout Technologies, Inc. is a
Delaware corporation. A list of our trademarks and patents can be found at
https://www.forescout.com/company/legal/intellectual-property-patents-trademarks. Other
brands, products, or service names may be trademarks or service marks of their respective
owners.

Version 2.0 2
Ports and Protocols Best Practices Guide

Table of Contents
Introduction ................................................................................................. 4
1.1 Purpose ................................................................................................. 4
1.2 Audience ............................................................................................. 4

CounterACT Enterprise Manager & Appliance Port Requirements ................. 5

2.0 Port Requirements Overview .................................................................. 5
2.1 General Network Port Requirements ....................................................... 5
2.1.1 Requirements for All Appliances ....................................................... 5
2.1.2 Integrated Dell Remote Access (iDRAC) Requirements for Physical
Appliances ............................................................................................... 7
2.2 Plugin Network Port Requirements .......................................................... 7
2.2.1 Authentication Module .................................................................... 7
2.2.2 Content Module ............................................................................. 9
2.2.3 Core Extensions Module ................................................................ 11
2.2.4 Endpoint Module .......................................................................... 14
2.2.5 Extended Modules ........................................................................ 15
2.2.6 Network Module ........................................................................... 15
2.2.7 Open Integration Module (OIM) ..................................................... 17
2.2.8 Device Profile Library .................................................................... 17

1 Appendix: Glossary of Terms .............................................................. 19

Version 2.0 3
Ports and Protocols Best Practices Guide

Introduction
1.1 Purpose
This document contains information pertaining to the communications and
protocols needed to deploy Forescout for visibility and control of enterprise
assets. This document is a reference document for a Forescout eyeSight and
eyeControl implementation and is intended to be authoritative, and provide the
most up to date information with regards to the Forescout implementation. This
document shall be modified as needed and versioned as required to ensure that
the most up to date information has been included and distributed to the
requisite parties within the enterprise.

1.2 Audience
This deliverable has the following intended audiences:
• Customer Architects
• Service Owners
• Engineering
• Test Teams
• Other designers who will participate in the peer review and walkthrough of
the design

Version 2.0 4
Ports and Protocols Best Practices Guide

CounterACT Enterprise Manager &

Appliance Port Requirements
2.0 Port Requirements Overview

2.1 General Network Port Requirements

2.1.1 Requirements for All Appliances

General
Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Outbound SSH management from
Enterprise Manager(s) to
CounterACT appliance(s)

Version 2.0 5
Ports and Protocols Best Practices Guide

25 TCP SMTP Outbound Email notification for users and

administrators; Access to the
enterprise mail relay
53 UDP DNS Outbound Access to resolve internal and
external IP addresses
123 UDP NTP Outbound Access time server
443 TCP HTTPS Outbound Access to CounterACT license
servers:
https://license.forescout.com;
https://license1.forescout.com;
30022 TCP SSH Tunnel Outbound Remote_Support to
https://svc23.forescout.com;
30023 TCP SSH Tunnel Outbound Remote_Support to
https://svc23.forescout.com;
22 TCP SSH Inbound Allows administrators to access
the CounterACT command line
interface (CLI)
80 TCP HTTP Inbound Allows access to Assets Portal,
Reports, Web Pages
443 TCP HTTPS Inbound Allows access to Assets Portal,
Reports, Web Pages, and allow
HTTP redirection using TLS
2222 TCP SSH Inbound (High Availability) Allows
access to the physical
CounterACT nodes via Miniroot
that are part of the High
Availability cluster. Use 22/TCP
to access the shared (virtual)
IP address of the cluster.
13000 TCP TLS Inbound CounterACT management
including: GUI to EM, EM to
CT, and CT to CT (inter-
appliance communication)
443 TCP HTTPS Inbound HTTPS-based data exchange

Version 2.0 6
Ports and Protocols Best Practices Guide

2.1.2 Integrated Dell Remote Access (iDRAC)

Requirements for Physical Appliances

Integrated Dell Remote Access (iDRAC)

Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Inbound Remote CLI administration
23 TCP Telnet Inbound Remote CLI administration
80 TCP HTTP Inbound Redirected management
connection
161 UDP SNMP Inbound Network management
443 TCP HTTPS Inbound Management using TLS
623 TCP RMCP/RMCP+ Inbound Authentication for IPMI
3668 TCP dell-rm-port Inbound Dell remote management Virtual
Media Redirection
5869 TCP RACADM Inbound Remote racadm server
5900 TCP VNC Inbound Virtual keyboard and mouse
5901 TCP VNC Inbound Virtual console video

2.2 Plugin Network Port Requirements

2.2.1 Authentication Module
2.2.1.1 802.1x Network Port Requirements

802.1x

Port Transport Service Inbound/ Function

Protocol Outbound
1645 UDP RADIUS Outbound
1646 UDP RADIUS Outbound
1812 UDP RADIUS Outbound
1813 UDP RADIUS Outbound
1645 UDP RADIUS Inbound
1646 UDP RADIUS Inbound
1812 UDP RADIUS Inbound
1813 UDP RADIUS Inbound

Version 2.0 7
Ports and Protocols Best Practices Guide

2.2.1.2 Aruba ClearPass Network Port Requirements

Aruba ClearPass
Port Transport Service Inbound/ Function
Protocol Outbound
80 TCP HTTP Outbound Retrieve URL content
161 UDP SNMP Outbound SNMP OID query
22 TCP SSH Outbound SSH management

2.2.1.3 User Directory Network Port Requirements

User Directory
Port Transport Service Inbound/ Function
Protocol Outbound
49 TCP/UDP TACACS+ Outbound Login host protocol
389 TCP LDAP Outbound Lightweight Directory Access
Protocol (LDAP) used for
external directory query
636 TCP LDAPS/LDAP Outbound Lightweight Directory Access
over TLS Protocol (LDAP) over TLS used
for external directory query
1812 TCP/UDP RADIUS Outbound RADIUS authentication protocol,
radius
1813 TCP/UDP RADIUS Outbound RADIUS accounting protocol,
radius-acct
3268 TCP msft-gc Outbound Lightweight Directory Access
Protocol (LDAP) used for global
catalog query of Active
Directory (AD) forests
3269 TCP msft-gc-ssl Outbound Lightweight Directory Access
Protocol (LDAP) over TLS used
for global catalog query of
Active Directory (AD) forests
80 TCP HTTP Inbound HTTP corporate or guest portal
login
443 TCP HTTPS Inbound HTTPS corporate or guest portal
login

Version 2.0 8
Ports and Protocols Best Practices Guide

2.2.2 Content Module

2.2.2.1 Host Property Scanner (HPS) Inspection Engine Classification
Network Port Requirements

Host Property Scanner (HPS) Inspection Engine Classification

Inbound/
Transport
Port Service Function
Protocol
Outbound

Server Identification
4 TCP SFS Outbound (Self-Certifying File
System)
Server Identification
21 TCP FTP Outbound
(File Transfer Protocol)
System Identification
22 UDP SSH Outbound
(Banner)
System Identification
23 TCP Telnet Outbound
(Banner)
Mail Server
25 TCP SMTP Outbound
Identification
79 TCP Finger Outbound System Identification
Web Server
Identification
80 TCP HTTP Outbound
Printer Identification
and NAT Detection
88 TCP/UDP Kerberos Outbound Mac OS X kerberos-sec
Mail Server
110 TCP POP3 Outbound
Identification
Port Mapper, NFS User
111 TCP RPC (*nix) Outbound
Name Mapping
Windows System
135 UDP RPC (Windows) Outbound
Identification
Windows Identification /
139 TCP NetBIOS Outbound
Management
Mail Server
143 TCP IMAP Outbound
Identification
Mail Server
220 TCP IMAP3 Outbound
Identification
Windows Identification /
445 TCP ActiveDirectory Outbound
Management
513 TCP rlogind Outbound System Identification
515 TCP JetDirect Outbound Printer Identification
631 TCP Print Spooler Outbound Printer Identification
VPN Server
1723 TCP PPTP Outbound
Identification

Version 2.0 9
Ports and Protocols Best Practices Guide

Windows Identification /
3389 TCP Remote Desktop Outbound
Management
Web Server
8080 TCP HTTP Outbound Identification
(Alternate)
9100 TCP IPP Outbound Printer Identification
41351 TCP (Undefined) Outbound (Part of Active OS scan)
iOS Detection (iPod,
62078 TCP iOS Synch Outbound
iPad, iPhone)
Used to determine if
ICMP is enabled on
40000-
UDP Forescout Function Outbound network. If ICMP is not
65535
enabled, UDP port scans
will not function.

2.2.2.2 Host Property Scanner (HPS) OS Fingerprinting

Host Property Scanner (HPS) OS Fingerprinting

Port Transport Service Inbound/ Function
Protocol Outbound
Known TCP Forescout Outbound OS Fingerprinting using
Open Function NMAP
and
UDP Forescout Outbound OS Fingerprinting using
Closed
Function NMAP
Ports
ICMP Forescout Outbound OS Fingerprinting using
Function NMAP

NMAP OS fingerprinting

Nmap OS fingerprinting works by sending up to 16 TCP, UDP, and ICMP probes to

known open and closed ports of the target machine. These probes are specially
designed to exploit various ambiguities in the standard protocol RFCs. Then
Nmap listens for responses. Dozens of attributes in those responses are analyzed
and combined to generate a fingerprint. Every probe packet is tracked and resent
at least once if there is no response. All of the packets are IPv4 with a random IP
ID value. Probes to an open TCP port are skipped if no such port has been found.
For closed TCP or UDP ports, Nmap will first check if such a port has been found.
If not, Nmap will just pick a port at random and hope for the best.
Refer to Link for more details - https://nmap.org/book/osdetect-
methods.html

Version 2.0 10
Ports and Protocols Best Practices Guide

2.2.2.3 Host Property Scanner (HPS) Vulnerability Database (DB)

Network Port Requirements

Host Property Scanner (HPS) Vulnerability Database (DB)

Port Transport Service Inbound/ Function
Protocol Outbound
80 TCP HTTP Inbound DB Download for hosts

2.2.3 Core Extensions Module

2.2.3.1 Advanced Tools Network Port Requirements

Advanced Tools
Port Transport Service Inbound/ Function
Protocol Outbound
80 TCP HTTP Outbound Retrieve URL content
161 UDP SNMP Outbound SNMP OID query
22 TCP SSH Outbound SSH management

2.2.3.2 Dynamic Host Configuration Protocol (DHCP) Classifier

Network Port Requirements

Dynamic Host Configuration Protocol (DHCP) Classifier

Port Transport Service Inbound/ Function
Protocol Outbound
67 UDP DHCP/BOOTP Inbound OS Fingerprint

2.2.3.3 Domain Name Service (DNS) Client Network Port Requirements

Domain Name Service (DNS) Client

Port Transport Service Inbound/ Function
Protocol Outbound
53 UDP DNS Outbound Name lookup

Version 2.0 11
Ports and Protocols Best Practices Guide

2.2.3.4 Domain Name Service (DNS) Enforce Network Port

Requirements

Domain Name Service (DNS) Enforce

Port Transport Service Inbound/ Function
Protocol Outbound
53 UDP DNS Inbound DNS Enforce hijacking

2.2.3.5 External Classifier Network Port Requirements

External Classifier
Port Transport Service Inbound/ Function
Protocol Outbound
21 TCP FTP Outbound Retrieve flat classification file
from FTP server

2.2.3.6 Microsoft System Management Server (SMS) / System Center

Configuration Manager (SCCM) Network Port Requirements

Microsoft SMS/SCCM
Port Transport Service Inbound/ Function
Protocol Outbound
1433 TCP MS SQL Outbound Allows CounterACT to query
SCCM database
1434 UDP MS SQL Outbound Allows CounterACT to query
SCCM database Instance

2.2.3.7 NetBIOS over TCP/IP (NBT) Scanner Network Port

Requirements

NetBIOS over TCP/IP (NBT) Scanner

Port Transport Service Inbound/ Function
Protocol Outbound
137 TCP NetBIOS Outbound Lookup NetBIOS Names
137 UDP NetBIOS Outbound NetBIOS Name Response

Version 2.0 12
Ports and Protocols Best Practices Guide

2.2.3.8 NetFlow Network Port Requirements

NetFlow
Port Transport Service Inbound/ Function
Protocol Outbound
2055 UDP NetFlow Inbound L3 transmission of traffic using
flow exporters to forward traffic
from segments of interest.

2.2.3.9 Reports Network Port Requirements

Reports
Port Transport Service Inbound/ Function
Protocol Outbound
80 TCP HTTP Inbound Redirection to Reports Portal
443 TCP HTTPS Inbound Access to Reports Portal

2.2.3.10 Syslog Network Port Requirements

Syslog
Port Transport Service Inbound/ Function
Protocol Outbound
514 TCP/UDP Syslog Outbound Sends syslog messages to a
syslog server
514 UDP Syslog Inbound Receives syslog messages
supporting advanced capabilities

2.2.3.11 Technical Support Network Port Requirements

Technical Support
Port Transport Service Inbound/ Function
Protocol Outbound
443 TCP TLS Outbound Snapshot/Snapsend files to
ForeScout support:
https://snapshot.forescout.com;

Version 2.0 13
Ports and Protocols Best Practices Guide

2.2.4 Endpoint Module

2.2.4.1 Host Property Scanner (HPS) Inspection Engine Host
Management Network Port Requirements

Host Property Scanner (HPS) Inspection Engine Host Management

Port Transport Service Inbound/ Function
Protocol Outbound
88 TCP/UDP Kerberos Outbound Windows authentication
135 TCP WMI Outbound Windows Management via WMI
139 TCP NetBIOS Outbound Windows Management
445 TCP SMB/MS DS Outbound Windows Management
10003 TCP SSL/TLS Inbound Allows a SecureConnector tunnel
between windows endpoints and
the Appliance.

2.2.4.2 Linux Network Port Requirements

Linux
Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Outbound Remote Inspection using SSH
management for Linux and Unix
devices
10006 TCP SSH Tunnel Inbound Allows a SecureConnector tunnel
between Linux and Mac
endpoints and the Appliance.

2.2.4.3 Operating System (OS) X Network Port Requirements

Operating System (OS) X

Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Outbound Remote Inspection using SSH
management for Mac devices
10005 TCP SSH Tunnel Inbound Allows a SecureConnector tunnel
between Mac endpoints and the
Appliance.

Version 2.0 14
Ports and Protocols Best Practices Guide

2.2.5 Extended Modules

For the extended modules, please consult the documentation of the appropriate
extended module for precise port usage. These ports are as per third-party vendor
specifications and may change as the vendor so directs. In general, most extended
modules will utilize HTTPS (TCP 443), Syslog (UDP/TCP 514), and/or SQL (TCP 1433)
for communications with Forescout.

2.2.6 Network Module

2.2.6.1 Cisco ASA Firewall Network Port Requirements

Cisco PIX/ASA Firewall

Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Outbound SSH management

2.2.6.2 NetScreen Firewall Network Port Requirements

NetScreen Firewall
Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Outbound SSH management

2.2.6.3 Switch Network Port Requirements

Switch
Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Outbound Switch management
23 TCP Telnet Outbound Switch management
161 UDP SNMP Get/Set Outbound Allows CounterACT to
communicate with network
switches and routers for
management
830 TCP SSH/XML Outbound Manage Netconf (Juniper)
devices
162 UDP SNMP Trap Inbound Notification from switches

Version 2.0 15
Ports and Protocols Best Practices Guide

2.2.6.4 Virtual Firewall Network Port Requirements*

Virtual Firewall
Port Transport Service Inbound/ Function
Protocol Outbound
All TCP All Outbound TCP RST (reset) messages
All ICMP All Outbound ICMP unavailable messages

*The response port may not be the management port depending on the
configuration.

2.2.6.5 Virtual Private Network (VPN) Network Port

Requirements

Virtual Private Network (VPN)

Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Outbound Manage Remote Access Server
(RAS) VPN
23 TCP Telnet Outbound Manage Remote Access Server
(RAS) VPN
161 UDP SNMP Get/Set Outbound Manage Remote Access Server
(RAS) VPN

2.2.6.6 Wireless Network Port Requirements

Wireless
Port Transport Service Inbound/ Function
Protocol Outbound
22 TCP SSH Outbound Manage Wireless AP or
Controller
23 TCP Telnet Outbound Manage Wireless AP or
Controller
161 UDP SNMP Get/Set Outbound Wireless management
830 TCP SSH/XML Outbound Manage Netconf (Juniper)
devices
162 UDP SNMP Trap Inbound Notification from Wireless AP or
Controller

Version 2.0 16
Ports and Protocols Best Practices Guide

2.2.7 Open Integration Module (OIM)

2.2.7.1 Data Exchange (DEX) Network Port Requirements

Data Exchange (DEX)

Port Transport Service Inbound/ Function
Protocol Outbound
1433 TCP SQL Outbound SQL DB connection

2.2.8 Device Profile Library

2.2.8.1 Device Profile Library Port Requirements

Device Library
Port Transport Service Inbound/ Function
Protocol Outbound
21 TCP FTP Outbound Network Attached
Storage Device
22 TCP SSH/File Outbound Network Attached
Storage Device
80 TCP HTTP Outbound Temperature Monitor
102 TCP N/A Outbound PLC Device
104 TCP DICOM Outbound DICOM Server
111 TCP N/A Outbound Printer
161 UDP SNMP Outbound Network Device and
Printer
443 TCP HTTPS Outbound Network Attached
Storage Device
500 UDP N/A Outbound Medication Dispensing
System
515 TCP LPD Outbound Printer
554 TCP N/A Outbound IP Camera
1720 TCP N/A Outbound VoIP Device
1732 UDP N/A Outbound Patient Monitor
1801 TCP N/A Outbound Medication Dispensing
System

Version 2.0 17
Ports and Protocols Best Practices Guide

1950 TCP N/A Outbound Patient Monitor

2000 TCP N/A Outbound Patient Monitor and
Patient Cart
2050 TCP N/A Outbound Patient Monitor
2100 TCP N/A Outbound Patient Monitor
2150 TCP N/A Outbound Patient Monitor
2222 UDP N/A Outbound PLC Device
5247 UDP N/A Outbound Network Device
5684 UDP N/A Outbound IKEA Gateway
8080 TCP N/A Outbound Network Attached
Storage Device
9007 TCP N/A Outbound Printer
9100 TCP N/A Outbound Printer
24000 TCP N/A Outbound Phillips Intellivue
Device
24001 TCP N/A Outbound Phillips Intellivue
Device
24002 TCP N/A Outbound Phillips Intellivue
Device
24003 TCP N/A Outbound Phillips Intellivue
Device
24004 TCP N/A Outbound Phillips Intellivue
Device
24005 TCP N/A Outbound Phillips Intellivue
Device
44818 TCP N/A Outbound PLC Device
51243 TCP N/A Outbound Infusion Pump
53213 UDP N/A Outbound Printer
62078 TCP N/A Outbound Mobile Device

Version 2.0 18
Ports and Protocols Best Practices Guide

1 Appendix: Glossary of Terms

Active Directory A software product from Microsoft that stores users, groups, and computers as
well as Domain Name Services (DNS). It provides authentication and name
resolution services.

AAP – The autonomous access point is an access point device that supports standalone
Autonomous AP – network configurations, where all settings are maintained locally on the device.
Autonomous Configure the Wireless Plugin to manage autonomous access points.
Access Point

Channel Wireless channels are assigned to Wi-Fi radios. Multiple channels are used to
allow devices to communicate without interference.
The name of Network Access Control software product manufactured by
CounterACT
ForeScout and being implemented in HQ and RHDC.
Protocol for providing an IP address to a device attached to a network.
DHCP – Dynamic
Host Control
Protocol

DNS – Domain A hierarchical naming system built on a distributed database for computers,
Name System services, or any resource connected to the Internet or a private network. Most
importantly, it translates domain names meaningful to humans into the
numerical identifiers associated with networking equipment for the purpose of
locating and addressing these devices worldwide.

Enterprise The name of the appliance manufactured by ForeScout and being implemented
Manager in COS. It controls and manages the policies used for compliance checking and
logging of client devices.

ForeScout The name of the Network Access Control manufacturer whose products are
being implemented in ROCC, RHDC, and HQ.

HPS – Host Agentless solution for executing compliance checks on Windows domain
Property Scanner connected devices.
The principal communication protocol responsible for routing packets Customer
IP – Internet
network boundaries. The primary protocol that established the Internet.
Protocol
A computer network that connects computers and devices in a limited
LAN – Local Area
geographical area such an office or building.
Network
The lightweight access point is a device that is managed by a WLAN controller
LAP – Lightweight
and cannot act independently of the controller. Lightweight APs have no
AP – Lightweight
configuration until they associate with a controller. LAPs are zero touch
Access Point
deployed and are not individually configured.

Version 2.0 19
Ports and Protocols Best Practices Guide

An application level protocol used for reading and editing directories over an IP
LDAP –
network.
Lightweight
Directory Access
Protocol

MDM – Mobile Solution to manage mobile devices such as tablets and smartphones that are not
Device managed by Windows Active Directory.
Management

MPLS – A mechanism in high-performance telecommunications networks that directs

MultiProtocol data from one network node to the next based on short path labels rather than
Label Switching long network addresses, avoiding complex lookups in a routing table. MPLS can
encapsulate packets of various network protocols and supports a range of access
technologies, including T1/E1, ATM, Frame Relay, and DSL.

MS DS – Microsoft Solution
Directory Service

NAC – Network Solution to provide visibility and control over managed and unmanaged network
Access Control endpoints and restrict access based on credentials and compliance.

NTP – Network Time protocol used to synchronize servers with a single clock.
Time Protocol

SSID Service Set Identifier. A public name of a WiFi network.

SSL/TLS Secures network communications and sensitive data in transit by using

encryption algorithms. TLS is the more updated and secure version of SSL.

Syslog Log messaging protocol used to provide near real-time events for alerting and
logging.

VLAN – Virtual A group of hosts with a common set of requirements that communicate as if
Local Area they were attached to the same broadcast domain, regardless of their physical
Network location. A VLAN has the same attributes as a physical local area network, but
allows for end nodes to be grouped together even if they are not located on the
same network switch.

VM – Virtual A server or desktop that has been virtualized

Machine

Wi-Fi Wi-Fi is an industry marketing association that certifies wireless products with
the Wi-Fi certification.

WLAN Wireless Local Area Network is an extension of the wired network using wireless
radios to connect client devices to wireless access points.

WLC – Controller – A device that manages one or more lightweight access point in the WLAN. The
WLAN Controller – WLAN controller performs all the traditional roles of an AP, such as association

Version 2.0 20
Ports and Protocols Best Practices Guide

Wireless LAN or authentication of wireless clients. The WLAN controller provides all the
Controller configuration parameters and firmware that the lightweight access point needs
in the registration process. Configure the Wireless Plugin to manage WLAN
controllers.

Wireless Client An endpoint that attempts to connect to or is currently connected to a WLAN

device.

Contact Information
Forescout Technologies, Inc.
190 West Tasman Drive
San Jose, CA 95134 USA
https://www.forescout.com/support/
Toll-Free (US): 1.866.377.8771
Tel (Intl): 1.408.213.3191
Support: 1.708.237.6591

About the Documentation

▪ Refer to the Resources page on the Forescout website for additional technical
documentation: https://www.forescout.com/company/resources/
▪ Have feedback or questions? Write to us at [email protected]

Legal Notice
© 2021 Forescout Technologies, Inc. All rights reserved. Forescout Technologies, Inc. is a
Delaware corporation. A list of our trademarks and patents can be found at
https://www.forescout.com/company/legal/intellectual-property-patents-trademarks. Other
brands, products, or service names may be trademarks or service marks of their respective
owners.

Version 2.0 21