If the components are not all on the same subnet, the following ports must be open to the on-prem appliance:
1. Whitelist the IP Address or URL for the Alcatraz Platform server.
- https://<ip address>
2. These ports are required to be opened. These are outbound from the Rock.
| Protocol / Port | Purpose | Direction |
| --- | --- | --- |
| TCP 443 | UI and Events | Outbound from Rock to Alcatraz Server |
| TCP 3310 | Data Sync | Outbound from Rock to Alcatraz Server |
| TCP 8443 | On-boarding and Updates | Outbound from Rock to Alcatraz Server |
| UDP 53 | DNS* | Outbound from Rock to DNS Server |
| UDP 123 | NTP* | Outbound from Rock to NTP Server |
| TCP 3033 | ACS Integration Sync | Outbound from ACS Integration Server to Alcatraz Server |
| TCP 80 | ONVIF Agent | Inbound to Rock from VMS |
| TCP 554 | RTSP Streaming | Inbound to Rock from VMS |
| UDP 554 | RTSP Streaming | Inbound to Rock from VMS |
| UDP 3792 | ONVIF Discovery | Inbound to Rock from VMS |
Other Multicast Ports as defined by the VMS
*Notes Regarding DNS and NTP Servers
DNS
- A DNS Server is required if URLs or FQDNs are used for any other fields such as NTP.
- If a corporate DNS Server is not available, a public one such as those offered by Google can be entered: 8.8.8.8 and/or 8.8.4.4
NTP
- An NTP Server is required!
- If a corporate NTP Server is not available and the Rocks have access to the internet, a public one such as those offered by Google and NIST can be entered: time.google.com or time.nist.gov
- If a corporate NTP Server is not available and the Rocks do not have access to the internet, an NTP Server can be configured on the Alcatraz Platform Server during the software installation process.
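
One way to check a firewall change request against the port table above before it is applied. This is an added example, not Alcatraz tooling: it reports required flows that no rule permits and rules that are wider than the table calls for. The zone names, the one-line rule format and the sample ruleset are assumptions constructed for the example.

```python
# Required flows transcribed from the port table above. Zone names (rock,
# server, dns, ntp, acs, vms) are labels chosen for this example. VMS-defined
# multicast ports are site-specific and not modelled here.
REQUIRED = [
    ("tcp", 443, "rock", "server"), ("tcp", 3310, "rock", "server"),
    ("tcp", 8443, "rock", "server"), ("tcp", 3033, "acs", "server"),
    ("udp", 53, "rock", "dns"), ("udp", 123, "rock", "ntp"),
    ("tcp", 80, "vms", "rock"), ("tcp", 554, "vms", "rock"),
    ("udp", 554, "vms", "rock"), ("udp", 3792, "vms", "rock"),
]

def parse_rule(line):
    """Parse 'allow <proto> <src> -> <dst> <port|lo-hi|any>' (constructed format)."""
    action, proto, src, arrow, dst, ports = line.split()
    if action != "allow" or arrow != "->":
        raise ValueError(f"unsupported rule: {line!r}")
    lo, _, hi = ("1-65535" if ports == "any" else ports).partition("-")
    return proto, src, dst, int(lo), int(hi or lo)

def permits(rule, flow):
    """True if the parsed rule lets the required (proto, port, src, dst) flow through."""
    proto, src, dst, lo, hi = rule
    f_proto, f_port, f_src, f_dst = flow
    return (proto in (f_proto, "any") and src in (f_src, "any")
            and dst in (f_dst, "any") and lo <= f_port <= hi)

def audit(lines):
    """Return (required flows no rule permits, rules wider than the table needs)."""
    rules = [(l, parse_rule(l)) for l in lines if l.strip()]
    missing = [f for f in REQUIRED if not any(permits(r, f) for _, r in rules)]
    too_broad = [l for l, r in rules
                 if "any" in r[:3] or r[3] != r[4]          # wildcard or port range
                 or not any(permits(r, f) for f in REQUIRED)]  # serves no listed flow
    return missing, too_broad

# Constructed sample ruleset, not from a real firewall.
SAMPLE = """\
allow tcp rock -> server 443
allow tcp rock -> server 8000-9000
allow udp rock -> dns 53
allow udp rock -> ntp 123
allow tcp acs -> server 3033
allow tcp vms -> rock 80
allow any vms -> rock 554
allow tcp rock -> any 22
""".splitlines()

if __name__ == "__main__":
    print(audit(SAMPLE))
```

On the sample, the audit reports TCP 3310 (Data Sync) and UDP 3792 (ONVIF Discovery) as unreachable, and flags the port range, the protocol wildcard and the port 22 rule as wider than the table requires.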