NOTE: Network firewall rules updated with RemoteSpark 2.0.33 and 2.1.80
This article contains information for network teams to prepare their environment for deployment of RemoteSpark.
Glossary
Web Endpoint: is the API the RemoteSpark Client uses to interact with the system
Storage Endpoint: how the system uploads and downloads content
STUN/TURN: how video calls are established between the Expert and the remote worker
Traffic Manager: how the application selects which data centre to use for the application
Note: our cloud-based solution is hosted on Microsoft Azure. For more information on Azure services, see here.
Ports to open
- 443 (TCP)
- 3478 (TCP/UDP), 8089(TCP/UDP)
DNS
- Public DNS resolution
Endpoints
The cloud configuration of RemoteSpark requires users to allow the Traffic Manager endpoint, the CDN endpoint, and each of the datacentre endpoints through their firewall.
- Benefits of using Traffic Manager: increased availability and app response time, improved app performance and content delivery, along with DNS-based load balancing. If a specific datacentre is offline for any reason, your ability to connect to RemoteSpark services and perform video calls is not affected when using Traffic Manager.
- By default, Traffic Manager in RemoteSpark (shown as RemoteSpark Cloud in the RemoteSpark Client settings page) will route your connection to the fastest available datacentre. Most often this is the closest one geographically to the user, but can vary depending on traffic and other factors.
Caution: RemoteSpark updates may require new endpoint rules.
Traffic Manager endpoint
CDN endpoint
- cdn.kognitivspark.net
North America datacentre endpoints
- Web:
- Storage:
- STUN/TURN: 172.177.54.92
Europe datacentre endpoints
- Web:
- Storage:
- STUN/TURN: 20.123.158.134
Web Browser
STUN/TURN Redundancies
In the unlikely event that our (Azure's) STUN/TURN servers go offline we have the following redundancies in place to ensure that there is no interruption in service. Please ensure that they're added to your firewall settings for good measure.
- global.turn.twilio.com
- stun.google.com
Backup Endpoints (in case there is outage on primary server)
- janusna.kognitivspark.cloud
- januseu.kognitivspark.cloud
- https://northamericarstorage21.kognitivspark.cloud
- https://europestorage21.kognitivspark.cloud
- remotesparkcloudv21.kognitivspark.cloud/api/
- remotesparkcloudv21na.kognitivspark.cloud/api/
- remotesparkcloudv21eu.kognitivspark.cloud/api/
- webclient.kognitivspark.cloud
- cdn.kognitivspark.cloud
Options for not whitelisting all traffic
If you choose to select a specific data centre, depending on your network configuration you will need to allow traffic on Port 3478 (TCP/UDP), 8089(TCP/UDP) and 5349 (TCP/UDP).
If you don’t whitelist all traffic on those three ports, you will need to contact Kognitiv Spark Support to determine the correct IP addresses for those ports.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article