Genesys Cloud - Main

 View Only
Discussion Thread View
  • 1.  Firewall & domains

    Posted 10-27-2017 17:21

    Greetings,

     

    According to this resource...

    https://help.mypurecloud.com/articles/purecloud-ports-services/

     

    We need to authorize a set of domains (e.g *.mypurecloud.ie) in the FW's to whatever application that needs to access purecloud. These domains are presented with an wildcard that tell us to authorize all the subdomains from each domain.

     

    Our client has a Palo Alto FW, and they are telling me they cannot configure those domains with wildcards because each subdomain resolves to a different IP.

     

    Given this, I have 2 questions:

     

    • Is the a list of subdomains for *mupurecloud.ie available?
    • Will the cloudfront.net subdomain always be the same (dhqbrvplips7x)?

     

    Thanks in advance.

    Regards,

    Daniel Grosso



  • 2.  RE: Firewall & domains

    GENESYS
    Posted 11-01-2017 17:20

    PureCloud requires a few different types of communication to various endpoints. Unfortunately there is not a finite list of subdomains that are in use for each communication type and as new features are released potentially additional subdomains are needed. A vast majority of connections utilize HTTP/S connections over the standard TCP 80/443 ports. Often security organizations will handle HTTP/S communication requirement differently than other peer to peer communications since users often require access to an indefinite list of Internet accessible destinations. Planning for other communications types such as Voice and Video is even more variable. Common PureCloud deployments are designed to work with network address translations (NATs) which requires communication to be initiated outbound of the client network; not requiring any inbound connections improves the security position.



  • 3.  RE: Firewall & domains

    Posted 04-13-2021 03:07
    Has anybody else looked into this recently?  It looks like that cloudfront.net subdomain is still the same 4 years later - dhqbrvplips7x.  Obviously customers would much rather they allow traffic to a specific subdomain rather than *

    How likely is it that Genesys' cloudfront subdomain would change?  Does anybody know if there is a CNAME that Genesys have that's potentially in front of some type of load balanced set of subdomains at cloudtfront?


    ------------------------------
    Vaun McCarthy
    NTT New Zealand Limited
    ------------------------------



Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources