diff --git a/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md b/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
index a7582338f8..d322dd7c9c 100644
--- a/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
+++ b/en/docs/install-and-setup/setup/deployment-best-practices/security-guidelines-for-production-deployment.md
@@ -909,7 +909,8 @@ This section provides a list of security guidelines for configuring the network
 <tr class="odd">
 <td><p>Check open ports and services</p></td>
 <td><p>Periodically check for open ports using port scanning tools and make sure that only the necessary ports are open to both internal and external networks. Be sure that only the ports relevant to your WSO2 products are open for communication. If there are other ports started, be sure to monitor them.</p>
-<p>For the full list of ports in all WSO2 products, see <a href="{{base_path}}/install-and-setup/setup/reference/default-product-ports/">Default Product Ports</a>.</p></td>
+<p>For the full list of ports in all WSO2 products, see <a href="{{base_path}}/install-and-setup/setup/reference/default-product-ports/">Default Product Ports</a>.</p>
+<p><strong>Note:</strong> Some ports may be dynamically allocated during server operations. When monitoring open ports, verify that any dynamic ports are expected and properly secured according to your deployment requirements. Dynamic port allocation can occur due to specific runtime configurations, JMX monitoring, clustering, and other operational requirements.</p></td>
 </tr>
 <tr class="even">
 <td><p>Configure device-level security</p></td>
diff --git a/en/docs/install-and-setup/setup/reference/default-product-ports.md b/en/docs/install-and-setup/setup/reference/default-product-ports.md
index bfb860b010..567dbe28a1 100644
--- a/en/docs/install-and-setup/setup/reference/default-product-ports.md
+++ b/en/docs/install-and-setup/setup/reference/default-product-ports.md
@@ -85,6 +85,14 @@ Listed below are the ports used by the API-M runtime when the [port offset]({{ba
             SSL port of the secure transport for receiving throttling events. This is required when the binary data publisher is used for throttling.
         </td>
     </tr>
+    <tr>
+        <td>
+            <code>10711</code>
+        </td>
+        <td>
+            SSL port for the secure transport used in data publishing and analytics. This port is used for secure communication with analytics servers.
+        </td>
+    </tr>
     <tr>
         <td>
             <code>9099</code>
@@ -93,6 +101,38 @@ Listed below are the ports used by the API-M runtime when the [port offset]({{ba
             Web Socket ports.
         </td>
     </tr>
+    <tr>
+        <td>
+            <code>8099</code>
+        </td>
+        <td>
+            Web Socket secure port (WSS).
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <code>9021</code>
+        </td>
+        <td>
+            TCP port used for internal event streaming and communication between API-M components.
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <code>8021</code>
+        </td>
+        <td>
+            Port used for internal event streaming communication.
+        </td>
+    </tr>
+    <tr>
+        <td>
+            <code>8672</code>
+        </td>
+        <td>
+            Port used for message broker AMQP transport with SSL.
+        </td>
+    </tr>
     <tr>
         <td>
             <code>8000</code>