MDM Network Ports
Overview
To have a fully functional Mobile Device Management system, it is necessary to have a properly deployed set of CapaInstaller services within the company’s network infrastructure.
Services
| Service | Port Number | Data Type | Direction | Destination DNS URL - Outgoing | Description |
|---|---|---|---|---|---|
| cimdm | 443 (SSL) | TCP | PUBLIC → DMZ | | Mobile devices retrieve configurations and applications |
| cimdm | 443 (SSL) | TCP | DMZ → PUBLIC | api.capaone.com | Gateway for: Apple Push Network Service (APNS): http://support.apple.com/kb/TS4264; Google Cloud Messaging: http://en.wikipedia.org/wiki/Google_Cloud_Messaging; Microsoft Open Mobile Alliance (OMA): https://en.wikipedia.org/wiki/OMA_Device_Management |
| Self Service Portal | 9443 (Default) | TCP | PUBLIC → DMZ | | Used to access the Self-Service portal from the devices |
| cibackend | 5023 (Default) | TCP | DMZ → SERVER | | cimdm gets profiles and configurations |
| cifrontend | 5022 (Default) | TCP | DMZ → SERVER | | cimdm authenticates users when enrolling devices |
| cifrontend | 443 (SSL) | TCP | SERVER → PUBLIC | download.capainstaller.com | Retrieve updated information about device models and versions |
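
The Services table can be used as an allow-list when reviewing firewall policy between the PUBLIC, DMZ and SERVER zones. The following is an added example, not CapaInstaller code: the rule tuple format `(source zone, destination zone, port)`, the `any` wildcard and the sample ruleset are constructed for illustration, and the ports are the documented defaults.

```python
# Added example: audit a zone-based firewall ruleset against the Services table.
# The rule format (src_zone, dst_zone, port) and SAMPLE_RULES are constructed
# for illustration; ports are the documented defaults and may differ per site.

# Required flows taken from the Services table: (source, destination, TCP port).
REQUIRED_FLOWS = {
    ("PUBLIC", "DMZ", 443):    "cimdm: devices retrieve configurations and applications",
    ("DMZ", "PUBLIC", 443):    "cimdm: gateway to api.capaone.com",
    ("PUBLIC", "DMZ", 9443):   "Self Service Portal",
    ("DMZ", "SERVER", 5023):   "cibackend: cimdm gets profiles and configurations",
    ("DMZ", "SERVER", 5022):   "cifrontend: cimdm authenticates enrolling users",
    ("SERVER", "PUBLIC", 443): "cifrontend: download.capainstaller.com",
}

ANY = "any"  # wildcard used by the constructed rule format


def _matches(rule, flow):
    """True if an allow rule (src, dst, port) covers a concrete flow."""
    return all(r == ANY or r == f for r, f in zip(rule, flow))


def audit(rules):
    """Return (missing, excess): required flows that no rule allows, and allow
    rules that are wildcarded or permit a flow the table does not list."""
    missing = sorted(f for f in REQUIRED_FLOWS
                     if not any(_matches(r, f) for r in rules))
    excess = sorted((r for r in rules if ANY in r or r not in REQUIRED_FLOWS),
                    key=str)
    return missing, excess


# Constructed sample ruleset with two deliberate problems.
SAMPLE_RULES = [
    ("PUBLIC", "DMZ", 443),
    ("DMZ", "PUBLIC", 443),
    ("PUBLIC", "DMZ", 9443),
    ("DMZ", "SERVER", ANY),      # too broad: only 5022 and 5023 are needed
    ("PUBLIC", "SERVER", 5022),  # bypasses the DMZ entirely
]

if __name__ == "__main__":
    missing, excess = audit(SAMPLE_RULES)
    for flow in missing:
        print("MISSING", flow, "-", REQUIRED_FLOWS[flow])
    for rule in excess:
        print("EXCESS ", rule)
```
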
Devices
For end-user devices to support mobile device management, the devices must communicate with different network services.
| Devices | Port Number | Data Type | Direction | Destination DNS URL - Outgoing | Description |
|---|---|---|---|---|---|
| All devices | 443 (SSL) | TCP | LAN → PUBLIC | DMZ Server | Used for secure communication between iOS devices and the MDM server. |
| Android devices | 5228 (Google server) | TCP | LAN → PUBLIC | android.apis.google.com gcm-http.googleapis.com fcm.googleapis.com | This port is used for communication between Android devices and Google Cloud Messaging (GCM), which sends push notifications and other data to Android devices. |
| Android devices | 5229 (Google server) | TCP | LAN → PUBLIC | android.apis.google.com gcm-http.googleapis.com fcm.googleapis.com | This port is used for communication between Android devices and GCM over a secure connection. |
| Android devices | 5230 (Google server) | TCP | LAN → PUBLIC | android.apis.google.com gcm-http.googleapis.com fcm.googleapis.com | This port is used for communication between Android devices and GCM for sending and receiving multicast messages. |
| Android devices | 443 (Google server) | TCP | LAN → PUBLIC | android.apis.google.com gcm-http.googleapis.com fcm.googleapis.com play.google.com | This port is used for secure communication between Android devices and the MDM server. |
| Apple devices | 2195 (Apple server) | TCP | LAN → PUBLIC | gateway.push.apple.com | Used for sending push notifications to iOS devices. |
| Apple devices | 2196 (Apple server) | TCP | LAN → PUBLIC | feedback.push.apple.com | Used by the APNs Feedback Service to send feedback to the MDM server about failed push notifications. |
| Apple devices | 5223 (Apple server) | TCP | LAN → PUBLIC | | Used for communication between iOS devices and APNs. It is also used for device activation. |
| Windows Phone device | 443 (Microsoft server) | TCP | LAN → PUBLIC |