Best Practices for ensuring connectivity to SiteSage/Open Kitchen

Option 1 - Generally, it is best to whitelist our utilized URLs for specific ports for Ethernet connection (*.emonitor.us and *.sitesage.net). If your firewall does not have DNS capability, please see Option 2.
For specific URLS, gateways use push.emonitor.us. SAPs use secure10.sitesage.net or secure192.sitesage.net.

Option 2 - You may wish to whitelist the SiteSage Gateway based on its MAC address, rather than outbound IP. This requires your network admin to keep a record of each Gateway’s MAC address for each location. Any changes to this list will need to be tracked regularly. If this option is not applicable, please see Option 3.

Option 3 - You may need to whitelist the actual server IP addresses. SiteSage uses Amazon Cloud Servers. This means that the server IP addresses change about every two weeks—sometimes even more frequently. We have researched this and it is a well known issue for any company that uses Amazon’s load balancers. In this case you can provision the Gateways to use a proxy server. This way it is only necessary to whitelist the IP of your proxy, which should be static. This can be done by the installer via the Gateway’s embedded web page. It can potentially be done remotely by customer IT as well. Once the IT department decides on a proxy, we need to test it to ensure that it works with our hardware/traffic requirements. It is important that any firmware download can be performed successfully.