1. Everbridge
  2. Knowledge
  3. Mobile Help

MobileHelp: Everbridge Mobile App Genernal Information on Networking and Encryption, End Points, URL Access and Push Notifications

Updated
Diane McCoy

Networking and Encryption

  • Networking throughout the app uses HTTPS encrypted communication
  • Keys can be revoked for each unique user/device combination and are never kept in permanent storage
  • TLS 1.2+ is enforced by the app at the device Operating System level
  • OS-level encryption and sandboxing protects stored data
  • Databases are encrypted with SQLCipher
  • Everbridge servers are registered using DNS CAA records to prevent man-in-the-middle attacks

End points:

URL access:

Apple push notifications:

  • https://support.apple.com/en-us/HT203609
  • TCP port 5223 (used by devices to communicate to the APNs servers)
  • TCP port 2195 (used to send notifications to the APNs)
  • TCP port 2196 (used by the APNs feedback service)
  • TCP Port 443 (used as a fallback on Wi-fi only, when devices are unable to communicate to APNs on port 5223)
  • The entire 17.0.0.0/8 address block is assigned to Apple, so it’s best to allow this range in your firewall settings

Android push notifications:

  • https://firebase.google.com/docs/cloud-messaging/concept-options#messaging_ports_and_your_firewall
  • Port 5228
  • Port 5229
  • Port 5230
  • If you’re using Network Address Translation (NAT) or Stateful Packet Inspection (SPI), implement a 30 minute or larger timeout for connections over ports 5228-5230. This enables us to provide reliable connectivity while reducing the battery consumption of your users’ mobile devices.
  • FCM IPs change frequently so for outbound google connections: No IP restrictions OR all IP in IPv4 & IPv6 blocks listed in Google’s ASN of 15169
Was this article helpful?
0 out of 0 found this helpful

Article Feedback

Please sign in to leave a comment.