Network Firewall Configurations
There have been some recent inquiries that have necessitated guidance on network firewall configurations. Here is a quick summary on port configurations. The actual enabling of these firewall ports requires specific instructions for that type of firewall, so this is kept generic on what to do and not how to do it.
1. Your application servers must reference several locations on the internet to operate correctly. Open up outbound ports http(80) and https(443) 80 and 443 to all destinations from your application servers. If company policy does not permit opening all outbound destinations, then enable access to the following DNS(IP) :Port:
a. platform.healthvault-ppe.com (184.108.40.206) :443 – HealthVault Platform Server
b. mscrl.microsoft.com (220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199) :80 – Microsoft CRL Distribution Point server for platform.healthvault-ppe.com certificate.
c. www.microsoft.com (188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168) :80 – Microsoft certificate server for platform.healthvault-ppe.com certificate.
2. You do not have to open up ports to account.healthvault*.com servers because the client application accesses that site.
3. No inbound ports are required at this time as there are no servers that will call into your application servers.