Security Considerations

Owned by Daniel Olivera (Unlicensed)
Last updated: May 20, 2024 by Santiago Couñago
1 min read

The network where agents are working, must consider the following

  1. Port 3478  UDP/TCP must be opened at least for the host stun.ucontactcloud.com

  2. Port 8089  UDP/TCP must be opened at least for the host (ucontactinstance).ucontactcloud.com

  3. Port 443 UDP/TCP must be opened at least for the host (ucontactinstance).ucontactcloud.com

  4. Ports 10000-20000 UDP must be opened at least for the host (ucontactinstance).ucontactcloud.com

  5. Access to the site   http://cacerts.geotrust.com/GeoTrustRSACA2018.crt and redirector.gvt1.com/ must be enabled in order to allow browsers to validate uContact SSL certificate.

  6. Enable access to the activator license site: us-central1-licenciator.cloudfunctions.net/api/servers/getLicence

  7. Enable the 10050 and 10051 TCP ports for the IP 35.184.27.240, corresponding to: monitor.ucontactcloud.com

  8. Access to the following  IP´s  (104.197.204.63   , 74.125.134.127) used by google chrome.

  9. Verify that SIP -  ALG is not active on the local or border network devices.

  10. Verify that IPS - detection is not active because it can cause VoIP packet discard and voice problemas (unespected call drops).

  11. Domain *.github.com must be enable for system updates

  12. Disable Google chrome perfromance settings: chrome://settings/ → Performance →. (Memory Saver toggle switched off, and Always keep sites added with https://(ucontactinstance).ucontactcloud.com)

Based on this considerations, the policy of the antivirus used on the workstations they must be actuated in order to avoid port scan, blocking or denying the access by security reasons.