I'm currently working on documenting and designing the new ZCM that we will be deploying to all users in our network in a few short weeks. I need to think of not just the project we are in now(K12 school district, 12k students), but also the option to scale out across just what we are doing now, in the same zone, another 15k users...

I have hit a little burdle with content-replication. From before I know that all servers must be able to talk to the common database, which is no problem. (same firewall zone as the first ZCM thats getting installed, the rest of the servers will sit in a dedicated zone which all clients can reach)
What I cannot find documented in any datasheet or anything, is how ZCM replicates its own content(bundles, policies...) across the valid servers. (I know imaging files are not syncronized, thats not an issue). I see in the configuration that you can throttle, but not much more.

What ports does it use? I need to know so the firewall team can do a proper configuration of the firewall.