Cloud-Hosted Network Requirements for IT

1. Captive Portal

If your network uses a captive portal for authentication, it must be disabled for Rock devices.

2. SSL Inspection / Traffic Interception

If your network uses traffic inspection proxies or firewalls (e.g., Zscaler, etc.) that intercept or modify SSL/TLS traffic, exceptions must be configured to allow Rock devices to bypass SSL inspection when communicating with the Alcatraz platform.

This includes all required cloud endpoints. In addition, onboarding.alcatraz.ai must be explicitly whitelisted and excluded from SSL/TLS inspection, as it is required for device onboarding and provisioning.

3. Cloud Endpoints (Whitelisting Required)

Rock devices must be able to establish outbound connections to the Alcatraz Cloud platform.
If your network enforces outbound filtering, proxying, or firewall restrictions, you must whitelist the following URLs and/or IP addresses.

These endpoints must be reachable without SSL/TLS interception.

• Standard Cloud (US)
  • https://platform.us.alcatraz.ai
  • https://devices.us.alcatraz.ai
  • 3.23.74.102
  • 3.140.166.106

• Standard Cloud (EU)
  
  • https://platform.eu.alcatraz.ai
  • https://devices.eu.alcatraz.ai
  • 18.197.130.184
  • 3.122.185.18

• Enterprise Cloud (Single-Tenant)
  Your Alcatraz representative will provide the specific URLs and IP addresses for your deployment:
  • https://platform.<yourCloudInstance>.alcatraz.ai
  • https://devices.<yourCloudInstance>.alcatraz.ai

4. Required Network Ports

5. DNS Server Requirement

A DNS server is required.

If a corporate DNS server is not available, a public DNS server such as Google DNS may be used:

• 8.8.8.8
• 8.8.4.4

6. NTP Server Requirement

An NTP server is required.

If a corporate NTP server is not available, a public NTP server such as those offered by Google and NIST may be used:

• time.google.com
• time.nist.gov

7. Power Requirement

A PoE+ power source is required:

• PoE+ (IEEE 802.3at Type 2), 30W

8. Optional Integrations