Overview

AppsAnywhere provides your end-users with easy access to their software applications by integrating a variety of new and existing app delivery methods.

As software delivery is generally a business critical service, it is important that your service is resilient, both in terms of redundancy and security.

In addition, when using Cloudpaging to deliver Windows apps, end-user devices will require ongoing access to AppsAnywhere to validate and record usage.

Your end-users will also need to access your AppsAnywhere Portal both on and off-site, from any location.

AppsAnywhere servers should be private, and a load balancer configured with health checks to act as the gateway for all external (and internal) traffic.

Firewall Rules

You will need to ensure that your network and firewalls are configured to permit the required traffic to and from your AppsAnywhere servers.

The following tables detail the connectivity required, grouped according to the origin of the network traffic.

All traffic is bi-directional

Internal Destinations should be amended to match your internal servers and services.

There is no requirement to configure firewall rules on the AppsAnywhere server, as the virtual appliance is preconfigured with the required firewall rules.

Inbound Traffic (Internal and External)

Sources

Internal Destination

Port

Usage

Client Devices

appsanywhere01.uni.edu

443 TCP

User access to AppsAnywhere (e.g. via your load balancer)

Jump Host

appsanywhere01.uni.edu

22 TCP

SSH access for administration (usually via a Windows jump host)

AppsAnywhere

appsanywhere01.uni.edu

80 TCP

Transfer of AppsAnywhere Client installers from other internal AppsAnywhere servers

Outbound Traffic (Internal)

Sources

Internal Destination

Port

Usage

AppsAnywhere

MSSQL.uni.edu

1433 TCP

Connection to your SQL database

AppsAnywhere

MSSQL.uni.edu

1434 UDP

Connection to your SQL database

AppsAnywhere

AD.uni.edu

636 TCP

Connection via LDAPS to your Active Directory

AppsAnywhere

AD.uni.edu

88 UDP

Connection via Kerberos to your Active Directory

AppsAnywhere

appsanywhere02.uni.edu

80 TCP

Transfer of AppsAnywhere Client installers to other internal AppsAnywhere servers

AppsAnywhere

cloudpaging.uni.edu

443 TCP

Connection to your Cloudpaging service (if applicable)

AppsAnywhere

parallels.uni.edu

443 TCP

Connection to your Parallels service (if applicable)

AppsAnywhere

analytics.uni.edu

19999 TCP

Connection to your Analytics Appliance (if applicable)

AppsAnywhere

myfileshare.uni.edu

445 TCP

AppsAnywhere Service access to the Secure Download UNC path

Outbound Traffic (External)

Source

Port

Usage

AppsAnywhere

123 UDP

CentOS (Chrony) Time Service

AppsAnywhere

80 TCP

Icon Library and CentOS updates

AppsAnywhere

443 TCP

APIs, libraries and CentOS updates

AppsAnywhere

587 TCP

Email alerts via SMTP

External Destinations

Optionally, you may wish to apply more specific firewall rules for outbound connections from your AppsAnywhere server(s).

The following table provides details of all the outbound destinations that AppsAnywhere requires access to during normal operation.

Source

External Destination

Port

Usage

AppsAnywhere

0.centos.pool.ntp.org

123 UDP

CentOS Time Service

AppsAnywhere

1.centos.pool.ntp.org

123 UDP

CentOS Time Service

AppsAnywhere

2.centos.pool.ntp.org

123 UDP

CentOS Time Service

AppsAnywhere

3.centos.pool.ntp.org

123 UDP

CentOS Time Service

AppsAnywhere

api.appsanywhere.com

80 TCP

Icon Library

AppsAnywhere

api.software2.com

443 TCP

AppsAnywhere Server Registration

AppsAnywhere

b12228822d08f4925072-e23aef5ecad0f6168507017a4f5869f1.ssl.cf3.rackcdn.com

443 TCP

AppsAnywhere Icon Library

AppsAnywhere

mirrorlist.centos.org

80 TCP

CentOS Update Repository

AppsAnywhere

cdn.remirepo.net

80 TCP

CentOS Update Repository

AppsAnywhere

mirrors.fedoraproject.org

443 TCP

CentOS Update Repository

AppsAnywhere

rpms.remirepo.net

443 TCP

CentOS Update Repository

AppsAnywhere

packages.microsoft.com

443 TCP

CentOS Update Repository

AppsAnywhere

rpm.nodesource.com ADDED 2.11

443 TCP

Node.js Update Repository

AppsAnywhere

appsanywhereresources.blob.core.windows.net

443 TCP

Appliance Configuration Console

AppsAnywhere

1bdb4cc9b0722bc205a377fabbc4511a62a47f7610ad5c7c4e62.ssl.cf3.rackcdn.com

443 TCP

Client Management

AppsAnywhere

*.s2public.blob.core.windows.net

443 TCP

Client Management

AppsAnywhere

software2-public.azureedge.net

443 TCP

Patch Management

AppsAnywhere

ajax.googleapis.com

443 TCP

jQuery & Google Fonts

AppsAnywhere

github.com

443 TCP

Other AppsAnywhere libraries

AppsAnywhere

smtp.sendgrid.net

587 TCP

Email alerts via SMTP

For Parallels RAS, please refer to AppsAnywhere Firewall Rules.xlsx

AppsAnywhere Support

During the initial deployment of AppsAnywhere will provide full details of all required firewall rules for inter-server communications with other components such as Cloudpaging and Parallels RAS.

If you would like us to provide further advice, or details of all required firewall rules for your existing AppsAnywhere infrastructure, please refer to AppsAnywhere Firewall Rules.xlsx or AppsAnywhere Support.