This article explains the firewall exceptions for the Sophos Remote Management System (RMS) TCP ports - including direction.
Applies to the following Sophos product and version
Sophos Enterprise Manager
Sophos Control Center
Sophos Anti-Virus for Windows 2000+
What To Do
See diagram below for clarification.
Note: TCP port 8193 is not used for communication but you will see RMS listening on the port.
Click image to zoom in.
Port 8192 (TCP) is used to provide the connecting client (message router) with information on how to find connect to the SSL port for future communication.
Port 8192 (TCP) hosts an Interoperable Object Reference (IOR), which encodes within it the port and address for the client to connect back to. By default this is the IP address of the parent message router and port 8194 (TCP).
Port 8193 (TCP) although in a listening state is not used for communication and can therefore be safely fire-walled.