Communication Data Points

If your devices are behind an enterprise firewall, the following ports and URLs must be allowed to enable smooth communication while using SureMDM.

Below is the list of services along with ports used by mentioned services,

SureMDM Services - These services are used for secured and encrypted communication between SureMDM enrolled devices and SureMDM Web Console.
SureMDM Remote Support - SureMDM offers a secure way to remotely view and control enrolled devices using SureMDM Web Console.
Firebase cloud messaging - Google Cloud Messaging (Firebase Cloud Messaging) by Google helps SureMDM server to send secure notifications to enrolled devices. Google uses any of these mentioned ports.
Zero Touch Enrollment: Zero-touch enrollment allows enterprises to provision Android devices by assigning enterprise configuration and security policies right out of the box.
Play Services and Android Management - Google Play services are used to securely update Google apps and apps from Google Play. It is also used for the communication and management of Android Enterprise (Work Managed Device) devices.
Samsung KNOX Enrollment - Samsung KNOX Enrollment is used for Samsung Account authentication for Knox service and also for access of enterprise devices to the Knox servers.
iOS APNS - iOS APNS enables secure communication of iOS and/or macOS devices through the SureMDM servers. This also enables third-party apps to send push notifications to iOS devices.
Apple services - Apple services are used for Apple's Mobile Asset Software Update service to provide an XML file with information about available iOS updates.
Microsoft services for Windows - This service is used for Windows notification service by Microsoft which allows secure communication between SureMDM and Windows devices.
Office 365 services - This service is used for managing Windows devices and services behind firewalls and enables secure communication.

The following table explains the communication data pointers for SureMDM:

Port	Destination	Type	Protocol	Description
443	suremdm.42gears.com or yourdomain.suremdm.io	Outbound	HTTPS	SureMDM Services Note: Region can be included in the URL as in/us/eu during signup.
443	suremdm.42gears.com or yourdomain.suremdm.io	Outbound	TLS or WSS	SureMDM Remote Support Note: Region can be included in the URL as in/us/eu during signup.
443	activate.42gears.com	Outbound	HTTPS	42Gears Services
443	s3.amazonaws.com	Outbound	HTTPS	Jobs, Reports, File store and Application store. Note: Select a URL based on the region selected.
	mars.astrouploads.com Note: The domain mars.42gears.com has been updated to mars.astrouploads.com as we transition to a new domain for 42Gears-hosted apps and files from the 5th of November 2024.
	The following URLs will be allowed based on the region selected during signup: suremdm-usstorage.s3.amazonaws.com suremdm-eustorage.s3.eu-west-1.amazonaws.com suremdm-instorage.s3.ap-south-1.amazonaws.com
443, 5228, 5229, 5230	All traffic or Google's ASN of 15169	Outbound	TLS/HTTPS	Firebase Cloud Messaging
443	www.googleapis.com	Outbound	HTTPS	Zero Touch Enrollment
443	*.ggpht.com	Outbound	HTTPS	Play Services and Android Management Note: For more information, refer to page number 37 in the above link.
	*.googleusercontent.com	Outbound
	*.gvt1.com	Outbound
	*play.googleapis.com	Outbound
	android.clients.google.com	Outbound
443	*.samsung.com	Outbound	HTTPS	Samsung KNOX Enrollment
	*.samsungknox.com	Outbound
	*.secb2b.com	Outbound
5223, 2195 - 2197	17.0.0.0/8	Outbound	TLS/HTTPS	iOS APNS
443	mesu.apple.com	Outbound	HTTPS	Apple services
443	*.notify.live.net	Outbound	HTTPS	Microsoft services for Windows
	*.notify.windows.com	Outbound
	*.wns.windows.com	Outbound
	login.microsoftonline.com	Outbound
	login.live.com	Outbound
443	*.manage.microsoft.com	Outbound	HTTPS	Office 365 services
	*api.office.com	Outbound
	*go.microsoft.com	Outbound
	*login.windows-ppe.net	Outbound
	*secure.aadcdn. microsoftonline-p.com	Outbound
	*vortex.data.microsoft. com	Outbound