Network Configuration

Integrating the SSH platform into an existing IT infrastructure

In order to make the most of the symmedia Hub features, it is important to make sure that the technical requirements regarding network connections are met.

In this section we assume, for the sake of simplicity, that the organization using the symmedia Hub has split its networking into (at least) two network segments:

  1. The organization’s office network

  2. The organization's machine network

Office Network

  • The office network is assumed to contain all office computers that are run outside of the shopfloor (i.e. management, sales, procurement etc.).
  • The primary use case of the symmedia Hub is assumed to be using the portal app to i.e. track Service Cases, upload and maintain machine documents etc.
  • It is assumed that a general access to the internet is possible and that no URL restrictions are in place (through i.e. proxy or firewall rules).

Please consult the table below to make sure that all required URLs are reachable from the computers in the office network that need to access the symmedia Hub´s portal application.

Machine Network

The machine network is assumed to contain all the OT equipment on the shop floor (HMIs, Edge Devices etc.). It is further assumed that additional restrictions are in place that limit the kinds of network traffic to and from the network.

Portal

The portal is a web application, running in the browser. It offers the general user interface to interact with Service Cases, conferencing, remote access settings, machine documents etc. .

In order to use the app to its full extent, these urls need to be reachable:

URLPortUse
*.symmedia-hub.com (new)443Portal App

*.secure-service-hub.com

443Portal App
*.secure-service-hub.io443

Matrix integration

fonts.googleapis.com443Google Fonts used in the portal app
fonts.gstatic.net443Google Fonts used in the portal app
*.windows.net443Assets/Texts stored in Azure
aadcdn.msauth.net443Authentication
aadcdn.msauthimages.net443Authentication
login.live.com443Authentication
login.microsoftonline.com443Authentication
tokenprovider.termsofuse.identitygovernance.azure.com443Authentication
symcloudplatformb2cprod.b2clogin.com443Authentication
azfunc-symuserinvitation-prod.azurewebsites.net443Authentication
azfunc-symuserinvitation-staging.azurewebsites.net443Authentication

Firewall Configuration

The Edge Device requires connectivity to the internet, in order to establish a connection to symmedia Hub’s cloud platform.

Endpoint

IP address

Port / Protocol

Description

portunification.symmedia-hub.com (new)20.76.82.23122552Unify PRODUCTION

portunification.secure-service-hub.com

20.76.82.231

22552

Unify PRODUCTION

device-certificate.symmedia-hub.com (new)20.76.82.231443certificate provisioning on PROD

dcs-prod.secure-service-hub.com

20.76.82.231

443

certificate provisioning on PROD

global.azure-devices-provisioning.net

20.43.44.164

443

Fallback Azure

global.azure-devices-provisioning.net

20.43.44.164

5671

Fallback Azure

global.azure-devices-provisioning.net

20.43.44.164

8883

Fallback Azure

8.8.8.8

8.8.8.8

ICMP

Internet connectivity check ICMP

8.8.8.8

8.8.8.8

53

Fallback DNS used by Docker