Firewall Considerations for Telos Connect
Scope
This article covers firewall considerations that can affect Telos Connect. This does not cover any firewall in particular but describes the requirements.
Description
Telos Connect (also called Support Link), if enabled, allows secure, encrypted access to logs and config files on a number of Telos products.
Requirements
As of this writing, Telos Connect uses one of three geographically located servers for redundancy and load balancing as required. Of particular note are the location of the servers.
The servers used are;
- zip.telos-systems.com - US Virginia data center
- zip2.telos-systems.com - Amsterdam data center
- zip3.telos-systems.com - Singapore data center
Telos Connect also needs access to secure.telos-systems.com
Ports used
The outbound connection uses HTTPS on port 443.
Telos Connect will attempt to send a UDP message on port 31000. It also uses HTTPS / TCP connections on port 443.
If both of those are blocked, Telos Connect will not work.
Connections
All connections are established outbound. Telos will never attempt to connect to your device.
All connections will be from one of those servers. No additional IP addresses or hostnames need to be accounted for.
Let us know how we can help
If you have further questions on this topic or have ideas about improving this document, please contact us.