Communication Data Points


If your devices are behind an enterprise firewall, the following ports and URLs must be allowed to enable smooth communication while using SureMDM.

Below is the list of services along with ports used by mentioned services,

  • SureMDM Services - These services are used for secured and encrypted communication between SureMDM enrolled devices and SureMDM Web Console.
  • SureMDM Remote Support - SureMDM offers a secure way to remotely view and control enrolled devices using SureMDM Web Console. 
  • Firebase cloud messaging - Google Cloud Messaging (Firebase Cloud Messaging) by Google helps SureMDM server to send secure notifications to enrolled devices. Google uses any of these mentioned ports.
  • Zero Touch Enrollment: Zero-touch enrollment allows enterprises to provision Android devices by assigning enterprise configuration and security policies right out of the box.
  • Play Services and Android Management - Google Play services are used to securely update Google apps and apps from Google Play. It is also used for the communication and management of Android Enterprise (Work Managed Device) devices.
  • Samsung KNOX Enrollment - Samsung KNOX Enrollment is used for Samsung Account authentication for Knox service and also for access of enterprise devices to the Knox servers.
  • iOS APNS - iOS APNS enables secure communication of iOS and/or macOS devices through the SureMDM servers. This also enables third-party apps to send push notifications to iOS devices. 
  • Apple services - Apple services are used for Apple's Mobile Asset Software Update service to provide an XML file with information about available iOS updates.
  • Microsoft services for Windows - This service is used for Windows notification service by Microsoft which allows secure communication between SureMDM and Windows devices.
  • Office 365 services - This service is used for managing Windows devices and services behind firewalls and enables secure communication.

     The following table explains the communication data pointers for SureMDM:

Port

Destination

Type

Protocol

Description

443

suremdm.42gears.com or yourdomain.suremdm.io

Outbound

HTTPS

SureMDM Services

Note: Region can be included in the URL as in/us/eu during signup.

443

suremdm.42gears.com or yourdomain.suremdm.io

Outbound

TLS or WSS

SureMDM Remote Support

Note: Region can be included in the URL as in/us/eu during signup.

443

activate.42gears.com

Outbound

HTTPS

42Gears Services

443

s3.amazonaws.com

Outbound

HTTPS

Jobs, Reports, File store and Application store.

Note: Select a URL based on the region selected.

mars.astrouploads.com

Note: The domain mars.42gears.com has been updated to mars.astrouploads.com as we transition to a new domain for 42Gears-hosted apps and files from the 5th of November 2024.

The following URLs will be allowed based on the region selected during signup:

443, 5228, 5229, 5230

All traffic or Google's ASN of 15169

Outbound

TLS/HTTPS

Firebase Cloud Messaging

443

www.googleapis.com

Outbound

HTTPS

Zero Touch Enrollment

443

*.ggpht.com

Outbound

HTTPS

Play Services and Android Management

Note: For more information, refer to page number 37 in the above link.

*.googleusercontent.com

Outbound

*.gvt1.com

Outbound

*play.googleapis.com

Outbound

android.clients.google.com

Outbound

443

*.samsung.com

Outbound

HTTPS

Samsung KNOX Enrollment

*.samsungknox.com

Outbound

*.secb2b.com

Outbound

5223, 2195 - 2197

17.0.0.0/8

Outbound

TLS/HTTPS

iOS APNS

443

mesu.apple.com

Outbound

HTTPS

Apple services

443

*.notify.live.net

Outbound

HTTPS

Microsoft services for Windows

*.notify.windows.com

Outbound

*.wns.windows.com

Outbound

login.microsoftonline.com

Outbound

login.live.com

Outbound

443

*.manage.microsoft.com

Outbound

HTTPS

Office 365 services

*api.office.com

Outbound

*go.microsoft.com

Outbound

*login.windows-ppe.net

Outbound

*secure.aadcdn. microsoftonline-p.com

Outbound

*vortex.data.microsoft. com

Outbound