Firewall and bandwidth requirements

Solution Overview

A network appliance or VM is installed on-prem named bcxmonitor. External connectivity either inbound OR outbound is required from this appliance or VM to monitor.burconix.com (188.39.33.109). A unique 256-bit pre-shared key is established between the on-prem bcxmonitor and monitor.burconix.com This encryption key is customer unique and is pre-configured at installation. The encryption key is only known by your on-prem bcxmonitor and monitor.burconix.com, and is not transmitted over the wire at any time. The on-prem bcxmonitor communicates with the local devices on your network using a combination of SNMPv1/SNMPv2/SNMPv3/IPMI/ICMP/Zabbix agent and scripts over HTTPS. This data is then securely transmitted from your on-prem bcxmonitor to monitor.burconix.com using Transport Layer Security (TLS) protocol v1.2 encrypted against the pre-shared key configured at installation.

Option 1 (Active)

The on-prem bcxmonitor is assigned a local static IP address eg: 10.0.0.1 The on-prem bcxmonitor connects outbound to monitor.burconix.com on TCP port 10051

The on-prem bcxmonitor requires external access to monitor.burconix.com (188.39.33.109) on TCP port 10051 in this configuration.

Option 2 (Passive)

The on-prem bcxmonitor is assigned a local static IP address eg: 10.0.0.1 A customer owned external IP address eg: 188.50.60.1 is configured on the customer firewall. The external IP address eg: 188.50.60.1 mapped through to the local static IP address eg: 10.0.0.1 on TCP port 10051 only. The external firewall is configured to only accept traffic from monitor.burconix.com (188.39.33.109)

monitor.burconix.com talks inbound to the bcxmonitor appliance in this configuration.