
Hi,

Is there any alternative for port 445 to manage discovery scans for assets in BI-EPM?

For Windows endpoints, port 445 must be used, as this is used for SMB communication.


What are you trying to accomplish, Manasvi? If the EPM Client is configured, it can report accounts back to BI on port 443 using the https://BI.something.com/Service/EventService.svc

You would only need to scan assets to see ports open, software installed, services and scheduled tasks.

https://www.beyondtrust.com/docs/beyondinsight-password-safe/bi/install/requirements/port.htm

So if you want to do more than account discovery, check the port requirements above.

 


To expand upon the answers already provided - scanning target assets can be achieved in different ways depending upon what you need to discover, and what components are already deployed on those targets. 

If you are conducting pure network-based discovery scans, or need to discover more about the asset than just the local accounts which it contains, then the scan must be conducted via the discovery scanner which is part of the BeyondInsight deployment.

Depending upon the scan type, the ports used are fixed, because they are based upon the protocols used to perform the enumeration (e.g., SMB, also referred to as ‘microsoft-ds’ which uses TCP/445). 

If you have EPM already deployed on the target asset and integrated with BeyondInsight, it can perform basic discovery scans to return the local accounts (as well as performing other account-related actions, such as credential rotation).

This uses the EPM agent’s periodic connections back from the endpoint to BeyondInsight via its adapter, over HTTPS (TCP/443), where it receives its jobs - it then uses the same connection to report back the scan results and job statuses.


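The two discovery paths described in this thread run in opposite directions, which is what decides the firewall rules: the scanner connects to the endpoint on TCP/445, while the EPM agent connects from the endpoint to BeyondInsight on TCP/443. The sketch below is an added example, not code from the thread or from BeyondTrust; it checks a first-match rule set against both flows. The rule format, addresses and function names are constructed for illustration, it assumes the discovery scanner runs on the BeyondInsight host, and it models only the two ports named in the thread.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str            # "allow" or "deny"
    src: str               # source CIDR
    dst: str               # destination CIDR
    port: Optional[int]    # destination TCP port, None = any

def permitted(rules, src, dst, port):
    """First matching rule wins; no match is an implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r.src)
                and d in ipaddress.ip_network(r.dst)
                and r.port in (None, port)):
            return r.action == "allow"
    return False

def discovery_paths(rules, bi_host, endpoint):
    """Which discovery methods from the thread can reach this endpoint."""
    return {
        # Discovery scanner -> endpoint over SMB (TCP/445)
        "scanner_smb_445": permitted(rules, bi_host, endpoint, 445),
        # EPM agent on endpoint -> BeyondInsight over HTTPS (TCP/443)
        "epm_agent_https_443": permitted(rules, endpoint, bi_host, 443),
    }

# Constructed sample: one segment blocks inbound SMB but lets agents call home,
# another allows scanner-initiated SMB only.
BI_HOST = "10.0.0.10"
SAMPLE_RULES = [
    Rule("deny", "0.0.0.0/0", "10.20.0.0/16", 445),
    Rule("allow", "10.20.0.0/16", "10.0.0.10/32", 443),
    Rule("allow", "10.0.0.10/32", "10.30.0.0/16", 445),
]

def report(endpoints=("10.20.5.7", "10.30.1.4", "10.40.9.9")):
    return {ep: discovery_paths(SAMPLE_RULES, BI_HOST, ep) for ep in endpoints}

if __name__ == "__main__":
    for ep, paths in report().items():
        print(ep, paths)
```

An endpoint where only `epm_agent_https_443` is true can still return local accounts through the agent; anything beyond account discovery needs the scanner path and the ports in the requirements page linked above.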