Support.com® Cloud requires Agents to use a modern web browser such as Chrome or Firefox to securely access common content and services over standard network ports. Outbound traffic is often less restricted; depending on firewall configuration, a network administrator in your IT organization may need to make some minor changes to the firewall rules for Support.com Cloud to function properly.
Required web domain access for Support.com Cloud
If you are deploying all aspects of Support.com Cloud (Self-Support | Agent-Support | Remote Control | SeeSupport) within a firewall environment, the following network resources must be accessible on port 80/443:
- *.nexus.support.com.
- s3.amazonaws.com
- *.opentok.com
- *.tokbox.com
- cdn.sockjs.org
- ajax.googleapis.com
- fonts.googleapis.com
Whitelist configurations for SeeSupport
- Required:
- TCP Port 443 opened up using SSL over TLS
- TCP & UDP Port 3478 (minimum)
- Optional:
- UDP 1025-65535 (strongly recommend)
Configuring your network for internal remote control
- Allow outbound non-TLS traffic on ports 443 & 3478
Note: Some firewall/proxy rules only allow for SSL traffic over port 443. You will need to make sure that non-web traffic can also pass over this port.
IP Whitelisting to receive event notifications from Support.com Cloud
If the firewall surrounding your Access Point URL is configured to restrict inbound traffic, then the following network resources must be permitted to receive Support.com Cloud back-end notifications:
- Allow inbound traffic on ports 80/443
- Whitelist Production and DR Site IP Ranges:
- 74.201.114.0/24
- 3.235.72.32/27
- 18.204.182.102
- 34.202.190.104
- 34.203.4.255
- 35.174.82.162
- 18.205.81.55
- 35.171.106.120
Impact of disabled access/configurations
- Amazon - Guided Paths cannot be created or edited.
- Non TLS-SSL: Remote control of internal (within your firewall) computers will not be possible.
- UDP Port Opened: SeeSupport will perform slower than is optimally available.