Mirror and MirrorTalk

Mirror Firewall Information: for IT administrators and Network Security teams

img (18).png

ver 1.5 (Jun 19, 2024)

 

Why it's important?

Firewalls and network filters can potentially restrict access to domains utilized by Mirror and its associated third-party services. The following guide has been crafted specifically for IT administrators and Network Security teams to aid in the proper configuration of firewall settings.

 

How to check if you need to contact your IT for help? 

Simply run network diagnostics on the Mirror Device to ensure access to the allowlist. Refer to the "Check Network" screen and click on the "Check Network" button for detailed instructions, as outlined in this article.

 

Screen-Recording-2024-06-24-at-1.gif

 

What needs to be whitelisted? 

We highly recommend permitting all subdomains of our mirrortalk.ai domain to guarantee seamless and uninterrupted access to all our services. One common method to achieve this is by incorporating a wildcard record, such as *.mirrortalk.ai, into your allowlist. By doing so, you will safeguard your setup against any future additions of new features that may be hosted on subdomains.

Kindly take note that Mirror necessitates access to TCP ports 80 (http) and 443 (https). Additionally, certain domains mandate access to the WSS protocol.

For your users to effectively utilize Mirror, they must have access to the listed domains:

 

TCP 80 and 443 ports:

*.mirrortalk.ai

mirrortalk.ai

cdn-ca-central-1.mirrortalk.ai

cdn-us-east-1.mirrortalk.ai

updates-cdn-us-east-1.mirrortalk.ai

swivlmirror-us-east-1.s3.amazonaws.com

swivlmirror-ca-central-1.s3.amazonaws.com

swivlmirror-assets.s3.amazonaws.com

foc-hw-logs.s3.amazonaws.com

dm-swivl.s3.amazonaws.com

cloud.swivl.com

dm.swivl.com

api.rollbar.com

cdn.rollbar.com

cdn.segment.com

api.segment.io

firebasecrashlyticssymbols.googleapis.com

www.google-analytics.com

ssl.google-analytics.com

accounts.google.com

ssl.gstatic.com

tagmanager.google.com

www.googletagmanager.com

googletagmanager.com

googleapis.com

swivl.zendesk.com

static.zdassets.com

ekr.zdassets.com

 

We use WebSockets for real-time communication, which utilizes the WSS standard. The following domains must be opened for WebSockets (protocol WSS):

wss://mirrortalk.ai
wss://*.mirrortalk.ai

wss://cloud.swivl.com

wss://dm.swivl.com

wss://googleapis.com

wss://swivl.zendesk.com

 

To avoid issues we recommend adding the following additional wildcards:

*.segment.com

*.rollbar.com

 

Zoom also requires adjustments to your network firewall or proxy server. Visit this link for detailed instructions on how to configure these settings.

 

To ensure that you receive notification emails from Mirror successfully, please add the following addresses to your email allowlist:

 

Troubleshooting QR Code Login

If the QR code for login does not appear on your device, please ensure that the following domains are open for WebSockets (WSS protocol on port 443):

 

wss://mirrortalk.ai

wss://*.mirrortalk.ai

wss://cloud.swivl.com

 

If you still have any questions, please contact us at demo@swivl.com or support@swivl.com

 

Updated

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.