Genesys Cloud - Main

Hi
As per the ports and services page (https://help.mypurecloud.com/articles/purecloud-ports-services/),when using WebRTC with local Edge, udp ports range 49152 - 65535 needs to be open between the agents PC and PureCloud (AWS). The doc mentions it is used for WebRTC Media, SRTP/TURN.
AFAIK, the webRTC media flow is from the agents PC to the Edge, so how come we need to open this other ports range ? What is it used for ?
This is always seen as a security issue by customers.
Thanks


------------------------------
Mayeul Brivet
CoverApps
------------------------------

Hi Mayeul,

This depends on your PureCloud deployment model. If you are using LDM (on premise) Edges, then those ports only need to be open between the Edges and the Agent's PCs. If you're using the CDM (cloud, AWS) Edges, then those ports need to be open outbound from the Agents' network to be able to reach out to the cloud Edges for media.

Thanks,
Xander Dumaine

------------------------------
Xander Dumaine
Genesys - Employees
------------------------------

Original Message:
Sent: 06-08-2018 05:38
From: Mayeul Brivet
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi
As per the ports and services page (https://help.mypurecloud.com/articles/purecloud-ports-services/),when using WebRTC with local Edge, udp ports range 49152 - 65535 needs to be open between the agents PC and PureCloud (AWS). The doc mentions it is used for WebRTC Media, SRTP/TURN.
AFAIK, the webRTC media flow is from the agents PC to the Edge, so how come we need to open this other ports range ? What is it used for ?
This is always seen as a security issue by customers.
Thanks


------------------------------
Mayeul Brivet
CoverApps
------------------------------

Hi Xander,
Thanks for the quick answer.
For the current project we're working on, the Edge servers are LDM.
And the customer is challenging us regarding this huge range of ports to open, for security reasons.
So from what you're saying, we can tell the customer that this range of ports doesn't need to be open between agents PC and PC / AWS ?
Thanks

------------------------------
Mayeul Brivet
CoverApps
------------------------------

Original Message:
Sent: 06-08-2018 11:29
From: Xander Dumaine
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi Mayeul,

This depends on your PureCloud deployment model. If you are using LDM (on premise) Edges, then those ports only need to be open between the Edges and the Agent's PCs. If you're using the CDM (cloud, AWS) Edges, then those ports need to be open outbound from the Agents' network to be able to reach out to the cloud Edges for media.

Thanks,
Xander Dumaine

------------------------------
Xander Dumaine
Genesys - Employees

Original Message:
Sent: 06-08-2018 05:38
From: Mayeul Brivet
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi
As per the ports and services page (https://help.mypurecloud.com/articles/purecloud-ports-services/),when using WebRTC with local Edge, udp ports range 49152 - 65535 needs to be open between the agents PC and PureCloud (AWS). The doc mentions it is used for WebRTC Media, SRTP/TURN.
AFAIK, the webRTC media flow is from the agents PC to the Edge, so how come we need to open this other ports range ? What is it used for ?
This is always seen as a security issue by customers.
Thanks


------------------------------
Mayeul Brivet
CoverApps
------------------------------

In the Ports and services to configure on your company firewall article under the Domains and IP Addresses heading in the IP Addresses section, you'll find this description:

Amazon AWS utilizes a large set of IP address ranges. Services deployed in AWS can use any of these addresses, and addresses are subject to change frequently. Amazon provides and maintains a list of available IP addresses, which is subject to change. More details are available here: http://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html

Does that help?

------------------------------
Greg Shultz
Genesys
------------------------------

Original Message:
Sent: 06-08-2018 12:51
From: Mayeul Brivet
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi Xander,
Thanks for the quick answer.
For the current project we're working on, the Edge servers are LDM.
And the customer is challenging us regarding this huge range of ports to open, for security reasons.
So from what you're saying, we can tell the customer that this range of ports doesn't need to be open between agents PC and PC / AWS ?
Thanks

------------------------------
Mayeul Brivet
CoverApps

Original Message:
Sent: 06-08-2018 11:29
From: Xander Dumaine
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi Mayeul,

This depends on your PureCloud deployment model. If you are using LDM (on premise) Edges, then those ports only need to be open between the Edges and the Agent's PCs. If you're using the CDM (cloud, AWS) Edges, then those ports need to be open outbound from the Agents' network to be able to reach out to the cloud Edges for media.

Thanks,
Xander Dumaine

------------------------------
Xander Dumaine
Genesys - Employees

Original Message:
Sent: 06-08-2018 05:38
From: Mayeul Brivet
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi
As per the ports and services page (https://help.mypurecloud.com/articles/purecloud-ports-services/),when using WebRTC with local Edge, udp ports range 49152 - 65535 needs to be open between the agents PC and PureCloud (AWS). The doc mentions it is used for WebRTC Media, SRTP/TURN.
AFAIK, the webRTC media flow is from the agents PC to the Edge, so how come we need to open this other ports range ? What is it used for ?
This is always seen as a security issue by customers.
Thanks


------------------------------
Mayeul Brivet
CoverApps
------------------------------

Original Message------

In the Ports and services to configure on your company firewall article under the Domains and IP Addresses heading in the IP Addresses section, you'll find this description:

Amazon AWS utilizes a large set of IP address ranges. Services deployed in AWS can use any of these addresses, and addresses are subject to change frequently. Amazon provides and maintains a list of available IP addresses, which is subject to change. More details are available here: http://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html

Does that help?

------------------------------
Greg Shultz
Genesys
------------------------------

For BYOC Premise (aka LDM Edges):

- tcp/5060-5061 has to be open between the Edges and AWS. 
- 3478 and 19302 (tcp & udp) should be open between Edges and AWS.
- 3478 and 19302 (tcp & udp) should be open between Client Computers and AWS.
- udp/16384-32768 (SRTP) should be open between Client Computers and Edges

------------------------------
Xander Dumaine
Genesys - Employees
------------------------------

Original Message:
Sent: 06-08-2018 12:51
From: Mayeul Brivet
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi Xander,
Thanks for the quick answer.
For the current project we're working on, the Edge servers are LDM.
And the customer is challenging us regarding this huge range of ports to open, for security reasons.
So from what you're saying, we can tell the customer that this range of ports doesn't need to be open between agents PC and PC / AWS ?
Thanks

------------------------------
Mayeul Brivet
CoverApps

Original Message:
Sent: 06-08-2018 11:29
From: Xander Dumaine
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi Mayeul,

This depends on your PureCloud deployment model. If you are using LDM (on premise) Edges, then those ports only need to be open between the Edges and the Agent's PCs. If you're using the CDM (cloud, AWS) Edges, then those ports need to be open outbound from the Agents' network to be able to reach out to the cloud Edges for media.

Thanks,
Xander Dumaine

------------------------------
Xander Dumaine
Genesys - Employees

Original Message:
Sent: 06-08-2018 05:38
From: Mayeul Brivet
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi
As per the ports and services page (https://help.mypurecloud.com/articles/purecloud-ports-services/),when using WebRTC with local Edge, udp ports range 49152 - 65535 needs to be open between the agents PC and PureCloud (AWS). The doc mentions it is used for WebRTC Media, SRTP/TURN.
AFAIK, the webRTC media flow is from the agents PC to the Edge, so how come we need to open this other ports range ? What is it used for ?
This is always seen as a security issue by customers.
Thanks


------------------------------
Mayeul Brivet
CoverApps
------------------------------

Thanks Xander for your help.

------------------------------
Mayeul Brivet
CoverApps
------------------------------

Original Message:
Sent: 06-12-2018 08:54
From: Xander Dumaine
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

For BYOC Premise (aka LDM Edges):

- tcp/5060-5061 has to be open between the Edges and AWS.
- 3478 and 19302 (tcp & udp) should be open between Edges and AWS.
- 3478 and 19302 (tcp & udp) should be open between Client Computers and AWS.
- udp/16384-32768 (SRTP) should be open between Client Computers and Edges

------------------------------
Xander Dumaine
Genesys - Employees

Original Message:
Sent: 06-08-2018 12:51
From: Mayeul Brivet
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi Xander,
Thanks for the quick answer.
For the current project we're working on, the Edge servers are LDM.
And the customer is challenging us regarding this huge range of ports to open, for security reasons.
So from what you're saying, we can tell the customer that this range of ports doesn't need to be open between agents PC and PC / AWS ?
Thanks

------------------------------
Mayeul Brivet
CoverApps

Original Message:
Sent: 06-08-2018 11:29
From: Xander Dumaine
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi Mayeul,

This depends on your PureCloud deployment model. If you are using LDM (on premise) Edges, then those ports only need to be open between the Edges and the Agent's PCs. If you're using the CDM (cloud, AWS) Edges, then those ports need to be open outbound from the Agents' network to be able to reach out to the cloud Edges for media.

Thanks,
Xander Dumaine

------------------------------
Xander Dumaine
Genesys - Employees

Original Message:
Sent: 06-08-2018 05:38
From: Mayeul Brivet
Subject: When using WebRTC with on premises Edge, why do we need to open ports 49152-65535 to PureCloud ?

Hi
As per the ports and services page (https://help.mypurecloud.com/articles/purecloud-ports-services/),when using WebRTC with local Edge, udp ports range 49152 - 65535 needs to be open between the agents PC and PureCloud (AWS). The doc mentions it is used for WebRTC Media, SRTP/TURN.
AFAIK, the webRTC media flow is from the agents PC to the Edge, so how come we need to open this other ports range ? What is it used for ?
This is always seen as a security issue by customers.
Thanks


------------------------------
Mayeul Brivet
CoverApps
------------------------------