Connecting a device securely to a network segment that does not have Internet access

There are two ways to address this problem:

  1. Update the firewall protecting the network segment to allow the Ardexa Device to create an outgoing connection to: the US Cluster (app.ardexa.com), then the agent needs to contact broker.ardexa.com on TCP port 5671 ...or the EU Cluster (eur1.ardexa.com), then the agent needs to contact broker-eu.ardexa.com on TCP port 5671

  2. Connect the Ardexa Device to a second network segment that DOES have internet access

Option 1 is our recommended option as this leaves the firewall as the only connection point between the protected network segment and the outside world. Plus, because the only change is to allow an outgoing connection request, the network segment remains secure because it still blocks all incoming connections.

Option 2 is the fallback when Option 1 is not available (e.g. you do not have access to the firewall/router that controls the network segment). All Ardexa Devices come with a firewall that blocks all incoming connections by default, so this is still a secure option, but this may or may not comply with the security policy guiding the management of the target network segment.

Last updated