In networks where a firewall and Web proxy server are deployed, the table rows indicating “IP Supernets” must be used to configure the firewall.Table 3.2.1 must be taken into account for firewall configuration when MVP Mobile Application is used on an enterprise WiFi network. On a mobile operator network, firewall configuration is irrelevant when traffic only traverses the Internet to RingCentral communication services. The RingCentral MVP Mobile App may be used on a mobile operator network or a WiFi network.Other IP addresses and ports may not be opened on the firewall unless involved in other calls from the same site or for business applications. For a given voice or video call, a stateful firewall will open only a small subset of the IP addresses and ports.If multiple endpoints are deployed which require the same domain to be whitelisted or a set of ports to be opened, then only one whitelisting or access rule instance needs to be configured in the firewall. In addition such multiplicities are needed to ensure that each endpoint can be deployed independent of other endpoints types. This is necessary because some port ranges may be shared among hard or soft endpoints. Different endpoint tables may contain the same domain names or port ranges. According to QoS traffic prioritization, the port table rows are generally organized from top to bottom, with media requiring the highest priority and supporting data service traffic at the lowest priority.Table rows indicating Signaling/Media (without the Secured modifier) can be ignored when RingCentral has administratively configured the customer account for ‘secured signaling and media.For firewall configuration, only the tables for the set of endpoint types that are deployed need to be considered.The tables for a) RingCentral Video Mobile, Desktop, and Web, b) RingCentral Video Rooms, and RingCentral Video with Rooms Connector are specified in separate tables because a) may be deployed independently of b) and c).Therefore, a separate table is specified for RingCentral Video Mobile, desktop, and Web, which factors out the specific firewall requirements for video service. The tables do not necessarily match 1-1 with RingCentral product definition since, e.g., RingCentral Video can be used as a stand-alone product and with RingCentral MVP. The tables provide modular sets of requirements for firewall control to support different mixes of RingCentral endpoint deployments.Source ports are not specified since the port range is operating system dependent, and ports are dynamically selected. The endpoint tables specify the use of domain names, supernets, and a range of cloud destination ports for various purposes, including media, signaling, and registration traffic.Analytics and Live Reports Portals may be country-specific to comply with data-locality requirements.The Live Report Portal gives access to an add-on service and can be used with RingCentral call queues to create a basic call center based on the MVP system.The corresponding domains only need to be whitelisted if this functionality is used. The Analytics Login Portal provides Account Administrators insights into the RingCentral MVP system with actionable data.Service Web Portal provides access to administration and unified communication services after authentication has been completed via the Administrator/User Account Portal.After the Administrator/User is authenticated by the Login Service, the Discovery Service is used again to determine the appropriate API domain based on the configured account data. The Discovery Service points to the Login Process service. The API Discovery Service is used for client applications to dynamically discover their correct.The Administrator/User Account Portal is used to authenticate administrators and users to access any of the underlying communication and administration services, including MVP and Ringcentral Video (RCV).The RingCentral Company Website provides general information about RingCentral and products and does not require login.The RingCentral Website, Administrator/User Account Portal, API Discovery Service, and Service Portal Domain must always be whitelisted to allow administrators and users to access general information and RingCentral services.For example, if the Live Reports Portal is not used, the domain does not need to be whitelisted. Only the actual set of services that are used must be whitelisted.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |