ISONAS Network Best Practices Guidance


Pure Access Network Requirements

Overview:

The ISONAS reader-controller and IP-Bridge are IoT-style devices that require minimal network configuration to function. When the reader-controller or IP-Bridge is used in conjunction with Pure Access Cloud, the devices must have a clear path to the internet on port 55333. No other ports are required.

Best Practices:

Firewall:

  • The ISONAS hardware communicates on port 55533.
  • If Intrusion Detection and Prevention is enabled, double check the firewall logs for dropped packets with a source IP that matches a device and create bypass rules as needed.
  • A firewall egress rule allowing the IPs of the devices is required.
    o Note: the devices do not proxy.
  • Recommendation: Create a group for the IPs and apply the group to a rule to allow 55533 to communicate with isonaspureaccesscloud.com (IP 52.38.127.152). Both UDP and TCP should be allowed to pass.
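
Added example (not part of the ISONAS guide): one way to carry out the dropped-packet check above is to sort firewall drop entries from the reader group into traffic that needs a bypass rule (the cloud IP on port 55533, TCP or UDP) and any other egress from the readers. The reader subnet, the "FW-DROP" log prefix and the netfilter-style log lines are constructed assumptions.

```python
import ipaddress
import re

# Constructed assumptions, not from the guide: the reader subnet, the "FW-DROP"
# log prefix and the netfilter-style key=value layout of the log lines.
READER_NET = ipaddress.ip_network("10.20.30.0/24")  # hypothetical reader subnet
CLOUD_IP = ipaddress.ip_address("52.38.127.152")    # from the guide
CLOUD_PORT = 55533                                   # from the Firewall section
CLOUD_PROTOS = {"TCP", "UDP"}
FIELD = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

SAMPLE_LOG = """\
Jan 10 08:01:02 fw kernel: FW-DROP SRC=10.20.30.11 DST=52.38.127.152 PROTO=TCP SPT=40112 DPT=55533
Jan 10 08:01:05 fw kernel: FW-DROP SRC=10.20.30.12 DST=52.38.127.152 PROTO=UDP SPT=40113 DPT=55533
Jan 10 08:02:11 fw kernel: FW-DROP SRC=10.20.30.11 DST=203.0.113.9 PROTO=TCP SPT=40200 DPT=443
Jan 10 08:02:30 fw kernel: FW-DROP SRC=10.20.40.5 DST=52.38.127.152 PROTO=TCP SPT=51000 DPT=55533
Jan 10 08:03:00 fw kernel: FW-DROP SRC=bad-field DST=52.38.127.152 PROTO=TCP DPT=55533
"""

def classify(line):
    """Return (reader_ip, verdict) for a dropped packet from a reader, else None."""
    f = dict(FIELD.findall(line))
    if "FW-DROP" not in line or not f.keys() >= {"SRC", "DST", "PROTO"}:
        return None
    try:
        src = ipaddress.ip_address(f["SRC"])
        dst = ipaddress.ip_address(f["DST"])
        port = int(f.get("DPT", -1))  # ICMP and similar carry no DPT
    except ValueError:
        return None  # malformed line: skip it rather than guess
    if src not in READER_NET:
        return None  # not a reader; out of scope for this check
    required = dst == CLOUD_IP and port == CLOUD_PORT and f["PROTO"] in CLOUD_PROTOS
    return str(src), "needs-bypass" if required else "unexpected-egress"

def audit(log_text):
    """Split reader drops into required cloud traffic and everything else."""
    report = {"needs-bypass": set(), "unexpected-egress": set()}
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            report[hit[1]].add(hit[0])
    return report

if __name__ == "__main__":
    for verdict, readers in audit(SAMPLE_LOG).items():
        print(verdict, sorted(readers))
```

Readers listed under needs-bypass are the ones whose cloud traffic is being dropped; entries under unexpected-egress are traffic outside the single port the guide says the devices require.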

DHCP:

  • If the reader-controllers are to be left on DHCP, it is strongly recommended to use reservations so the IP address does not need to be renewed.

Network:

  • If possible, the reader-controllers should be in a dedicated subnet.
    o Note: This is not required but can be considered a best practice for this type of device.
  • Ensure that all best practices are followed for the physical network.
    o The PoE switch should have enough power to run all ports and account for inrush (i.e., a switch restart, which would cause all readers to restart).
    o Cable length should not exceed 100 meters (300 feet) unless a PoE injector is in use at the reader/controller.