To facilitate Cloud services in a PROD environment, the following server URLs must be reachable through the corresponding firewall ports. Additional information can be found in our to be released Hardening Guideline
Service | Cloud Endpoint | Port | Notes |
Bootstrap | 443 | Old entry to be allow-listed until further notice. | |
MQTT Broker | Old: mqtts://mqtt.device.horizoncloud.io New: mqtts://mqtt.connectivity.siemens.com | 443 |
|
App Software Update | 443 |
| |
OS System Updates | https://proxy-hawkbit.horizoncloud.io https://hawkbit.horizoncloud.io | 443 |
|
Authorization Proxy | Old: https://sb-auth-proxy-v2.horizoncloud.io New: | 443 |
|
Time Synchronization | 0.siemens.pool.ntp.org (Main Server) 1.siemens.pool.ntp.org (Backup Server) 2.siemens.pool.ntp.org (Backup Server) 3.siemens.pool.ntp.org (Backup Server) | 123 UDP |
|
DNS Fallback | 8.8.8.8 | 443 |
|
Current Container Repository from AWS | *.dkr.ecr.eu-west-1.amazonaws.com And https://registry.horizoncloud.io New: | 443 | We are currently in the upgrade process from openshift to AWS, so both URLs are required.
|
Planned DNS | *.connectivity.siemens.com |
| In a future release we will migrate to new DNS where all connectivity endpoints will use this URL.
|