The firewall must allow outgoing connections to the following endpoints:

Service

Endpoint

MQTT

mqtt.connectivity.siemens.com:443

Firmware Update Service

ota-update.connectivity.siemens.com:443
s3-eu-west-1.amazonaws.com:443

Container Image Registry

registry.connectivity.siemens.com:443
registry.horizoncloud.io:443

Bootstrap

bootstrap.connectivity.siemens.com:443
bootstrap.siemens.com:443

Authentication Proxy

proxy.connectivity.siemens.com:443

NTP Server

0.siemens.pool.ntp.org:123 (main server)
1.siemens.pool.ntp.org:123 (backup server)
2.siemens.pool.ntp.org:123 (backup server)
3.siemens.pool.ntp.org:123 (backup server)