The following provides an overview of the TCP/IP networking requirements of the Startle Solution: -
There are no specific inbound ports that should need to be addressed. It is “expected” that the firewall between the public Internet and the private network has a suitable intelligent firewall that can monitor outbound requests and thus allow the return traffic to be accepted (for instance packets that already have been established outbound with TCP, and also packets that are used by connectionless protocols such as NTP).
The solution uses a number of outbound ports as detailed below: -
On rare occasions there is a customer specific requirement to also limit to specific domains. This isn’t recommended as these may change on occasion in the future. The following provides a list of domains that may currently be accessed outbound from your venue: -
Public IP Addresses
There is a possibility that the public IP addresses could change and therefore it is suggested that a local IP address is allocated to the player through DHCP reservations, thus allowing the firewall to implement source IP address whitelisting.
NOTE: It is important that the outbound traffic has the ability to communicate outbound with the above ports and that no Login/“Capture Portals” are deployed prohibiting this.
NOTE: Startle are a very dynamic organisation and welcome conversations on the above port numbering where this can not be accommodated within the existing security policy.