Port requirements for Genetec Cloudlink appliances

2025-12-16

To enable communication between Genetec Cloudlink appliances and Security Center SaaS, you must open specific network ports.

US datacenters

The following network ports must be open for systems hosted in US datacenters.


Outbound port	Endpoint domain	Required by	Port usage
UDP 123	Network Time Protocol (NTP) servers are selected from the following sources (highest priority to lowest priority): Manual NTP configuration in the appliance portal. DHCP Default NTP servers: time1.google.com time2.google.com time3.google.com time4.google.com pool.ntp.org	Edge OS	Connection to an NTP server.
ICMP ping	8.8.8.8	Edge OS	Diagnostics to indicate if the appliance can reach a global, public endpoint.
UDP 53	DNS servers are selected from the following sources (highest to lowest priority). Manual DNS configuration in the appliance portal. DHCP Default DNS servers: 1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4	Edge OS	Connection to a DNS server.
TCP 443	Recommended: .genetec.cloud .genetec.com Current service endpoints: eastus2.firmwarerepository.edge.genetec.cloud login.genetec.com	Edge OS	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`global.azure-devices-provisioning.net genetec-dm-hub-prod-eus2-0.azure-devices.net edgeosprodeus2appstore.azurecr.io edgeosprodeus2appstore.eastus2.data.azurecr.io edgeosprodeus2appstore.southcentralus.data.azurecr.io prod0eus2fwimages.blob.core.windows.net prod0eus2devicesmgmt.blob.core.windows.net prod0eus2devicesdiags.blob.core.windows.net eastus2-3.in.applicationinsights.azure.com eastus2.livediagnostics.monitor.azure.com`	Edge OS	Endpoints required for connecting to and managing Genetec Cloudlink appliances.
TCP 443	Recommended: .genetec.cloud Current service endpoints:* eastus2.video.genetec.cloud eastus2.tds.genetec.cloud	Video	Connection for live video streaming, video recording, and video playback.
TCP 554	Recommended: .genetec.cloud Current service endpoint:* rtsp.eastus2.video.genetec.cloud	Video	Connection for RTSP streaming.
TCP 443	tds1eastus2horizon.blob.core.windows.net tds2eastus2horizon.blob.core.windows.net tds3eastus2horizon.blob.core.windows.net tds4eastus2horizon.blob.core.windows.net tds5eastus2horizon.blob.core.windows.net tds6eastus2horizon.blob.core.windows.net tds7eastus2horizon.blob.core.windows.net tds8eastus2horizon.blob.core.windows.net eus2scsaas01.blob.core.windows.net eus2scsaas02.blob.core.windows.net eus2scsaas03.blob.core.windows.net eus2scsaas04.blob.core.windows.net eus2scsaas05.blob.core.windows.net eus2scsaas06.blob.core.windows.net eus2scsaas07.blob.core.windows.net eus2scsaas08.blob.core.windows.net eus2scsaas09.blob.core.windows.net eus2scsaas10.blob.core.windows.net eus2scsaas11.blob.core.windows.net eus2scsaas12.blob.core.windows.net eus2scsaas13.blob.core.windows.net eus2scsaas14.blob.core.windows.net eus2scsaas15.blob.core.windows.net eus2scsaas16.blob.core.windows.net	Video	Endpoints for video recording and video playback that support load balancing and resiliency.
TCP 1935 UDP 1935	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Video	Interactive Connectivity Establishment (ICE) TCP in Web Real-Time Communication (WebRTC) for live streaming.
UDP 3478 TCP 3478 UDP 443 TCP 443 UDP 80 TCP 80	turn.video.geneteccloud.com stun.relay.metered.ca global.relay.metered.ca	Video	Traversal Using Relays around NAT (TURN) server and Session Traversal Utilities for NAT (STUN) servers for live WebRTC video streaming.
TCP 2624	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Intrusion	Connection for intrusion.
TCP 443	`*.geneteccloud.com serbusnwskuumgkdlgi.servicebus.windows.net evhubnwskuumgkdlgi.servicebus.windows.net evhubbacknwskuumgkdlgi.servicebus.windows.net storsyncnwskuumgkdlgi.blob.core.windows.net storhealnwskuumgkdlgi.blob.core.windows.net storgatwnwskuumgkdlgi.blob.core.windows.net google.com`	Access control	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`serbusbrbjvsf44a7rk.servicebus.windows.net evhubbrbjvsf44a7rk.servicebus.windows.net evhubbackbrbjvsf44a7rk.servicebus.windows.net storsyncbrbjvsf44a7rk.blob.core.windows.net storhealbrbjvsf44a7rk.blob.core.windows.net storgatwbrbjvsf44a7rk.blob.core.windows.net`	Access control	Connection to Synergis.

Canadian datacenters

The following network ports must be open for systems hosted in Canadian datacenters.


Outbound port	Endpoint domain	Required by	Port usage
UDP 123	Network Time Protocol (NTP) servers are selected from the following sources (highest priority to lowest priority): Manual NTP configuration in the appliance portal. DHCP Default NTP servers: time1.google.com time2.google.com time3.google.com time4.google.com pool.ntp.org	Edge OS	Connection to an NTP server.
ICMP ping	8.8.8.8	Edge OS	Diagnostics to indicate if the appliance can reach a global, public endpoint.
UDP 53	DNS servers are selected from the following sources (highest to lowest priority). Manual DNS configuration in the appliance portal. DHCP Default DNS servers: 1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4	Edge OS	Connection to a DNS server.
TCP 443	Recommended: .genetec.cloud .genetec.com Current service endpoints: centralca.firmwarerepository.edge.genetec.cloud login.genetec.com	Edge OS	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`global.azure-devices-provisioning.net genetec-dm-hub-prod-cca-0.azure-devices.net edgeosprodccaappstore.azurecr.io edgeosprodccaappstore.canadacentral.data.azurecr.io prod0ccafwimages.blob.core.windows.net prod0ccadevicesmgmt.blob.core.windows.net prod0ccadevicesdiags.blob.core.windows.net eastus2-3.in.applicationinsights.azure.com eastus2.livediagnostics.monitor.azure.com`	Edge OS	Endpoints required for connecting to and managing Genetec Cloudlink appliances.
TCP 443	Recommended: .genetec.cloud Current service endpoints:* centralca.video.genetec.cloud cancentral.tds.genetec.cloud	Video	Connection for live video streaming, video recording, and video playback.
TCP 554	Recommended: .genetec.cloud Current service endpoint:* rtsp.centralca.video.genetec.cloud	Video	Connection for RTSP streaming.
TCP 443	tds1cancentralhrz.blob.core.windows.net tds2cancentralhrz.blob.core.windows.net tds3cancentralhrz.blob.core.windows.net tds4cancentralhrz.blob.core.windows.net tds5cancentralhrz.blob.core.windows.net tds6cancentralhrz.blob.core.windows.net tds7cancentralhrz.blob.core.windows.net tds8cancentralhrz.blob.core.windows.net cacscsaas01.blob.core.windows.net cacscsaas02.blob.core.windows.net cacscsaas03.blob.core.windows.net cacscsaas04.blob.core.windows.net cacscsaas05.blob.core.windows.net cacscsaas06.blob.core.windows.net cacscsaas07.blob.core.windows.net cacscsaas08.blob.core.windows.net cacscsaas09.blob.core.windows.net cacscsaas10.blob.core.windows.net cacscsaas11.blob.core.windows.net cacscsaas12.blob.core.windows.net cacscsaas13.blob.core.windows.net cacscsaas14.blob.core.windows.net cacscsaas15.blob.core.windows.net cacscsaas16.blob.core.windows.net	Video	Endpoints for video recording and video playback that support load balancing and resiliency.
TCP 1935 UDP 1935	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Video	Interactive Connectivity Establishment (ICE) TCP in Web Real-Time Communication (WebRTC) for live streaming.
UDP 3478 TCP 3478 UDP 443 TCP 443 UDP 80 TCP 80	turn.video.geneteccloud.com stun.relay.metered.ca global.relay.metered.ca	Video	Traversal Using Relays around NAT (TURN) server and Session Traversal Utilities for NAT (STUN) servers for live WebRTC video streaming.
TCP 2624	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Intrusion	Connection for intrusion.
TCP 443	`*.geneteccloud.com serbusnwskuumgkdlgi.servicebus.windows.net evhubnwskuumgkdlgi.servicebus.windows.net evhubbacknwskuumgkdlgi.servicebus.windows.net storsyncnwskuumgkdlgi.blob.core.windows.net storhealnwskuumgkdlgi.blob.core.windows.net storgatwnwskuumgkdlgi.blob.core.windows.net google.com`	Access control	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`serbusbm4qutho3syfc.servicebus.windows.net evhubbm4qutho3syfc.servicebus.windows.net evhubbackbm4qutho3syfc.servicebus.windows.net storsyncbm4qutho3syfc.blob.core.windows.net storhealbm4qutho3syfc.blob.core.windows.net storgatwbm4qutho3syfc.blob.core.windows.net`	Access control	Connection to Synergis.

Australian datacenters

The following network ports must be open for systems hosted in Australian datacenters.


Outbound port	Endpoint domain	Required by	Port usage
UDP 123	Network Time Protocol (NTP) servers are selected from the following sources (highest priority to lowest priority): Manual NTP configuration in the appliance portal. DHCP Default NTP servers: time1.google.com time2.google.com time3.google.com time4.google.com pool.ntp.org	Edge OS	Connection to an NTP server.
ICMP ping	8.8.8.8	Edge OS	Diagnostics to indicate if the appliance can reach a global, public endpoint.
UDP 53	DNS servers are selected from the following sources (highest to lowest priority). Manual DNS configuration in the appliance portal. DHCP Default DNS servers: 1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4	Edge OS	Connection to a DNS server.
TCP 443	Recommended: .genetec.cloud .genetec.com Current service endpoints: eastau.firmwarerepository.edge.genetec.cloud login.genetec.com	Edge OS	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`global.azure-devices-provisioning.net genetec-dm-hub-prod-eau-0.azure-devices.net edgeosprodeauappstore.azurecr.io edgeosprodeauappstore.australiaeast.data.azurecr.io prod0eaufwimages.blob.core.windows.net prod0eaudevicesmgmt.blob.core.windows.net prod0eaudevicesdiags.blob.core.windows.net eastus2-3.in.applicationinsights.azure.com eastus2.livediagnostics.monitor.azure.com`	Edge OS	Endpoints required for connecting to and managing Genetec Cloudlink appliances.
TCP 443	Recommended: .genetec.cloud Current service endpoints:* eastau.video.genetec.cloud australiaeast.tds.genetec.cloud	Video	Connection for live video streaming, video recording, and video playback.
TCP 554	Recommended: .genetec.cloud Current service endpoint:* rtsp.eastau.video.genetec.cloud	Video	Connection for RTSP streaming.
TCP 443	tds1astleasthrz.blob.core.windows.net tds2astleasthrz.blob.core.windows.net tds3astleasthrz.blob.core.windows.net tds4astleasthrz.blob.core.windows.net tds5astleasthrz.blob.core.windows.net tds6astleasthrz.blob.core.windows.net tds7astleasthrz.blob.core.windows.net tds8astleasthrz.blob.core.windows.net auescsaas01.blob.core.windows.net auescsaas02.blob.core.windows.net auescsaas03.blob.core.windows.net auescsaas04.blob.core.windows.net auescsaas05.blob.core.windows.net auescsaas06.blob.core.windows.net auescsaas07.blob.core.windows.net auescsaas08.blob.core.windows.net auescsaas09.blob.core.windows.net auescsaas10.blob.core.windows.net auescsaas11.blob.core.windows.net auescsaas12.blob.core.windows.net auescsaas13.blob.core.windows.net auescsaas14.blob.core.windows.net auescsaas15.blob.core.windows.net	Video	Endpoints for video recording and video playback that support load balancing and resiliency.
TCP 1935 UDP 1935	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Video	Interactive Connectivity Establishment (ICE) TCP in Web Real-Time Communication (WebRTC) for live streaming.
UDP 3478 TCP 3478 UDP 443 TCP 443 UDP 80 TCP 80	turn.video.geneteccloud.com stun.relay.metered.ca global.relay.metered.ca	Video	Traversal Using Relays around NAT (TURN) server and Session Traversal Utilities for NAT (STUN) servers for live WebRTC video streaming.
TCP 2624	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Intrusion	Connection for intrusion.
TCP 443	`*.geneteccloud.com serbusnwskuumgkdlgi.servicebus.windows.net evhubnwskuumgkdlgi.servicebus.windows.net evhubbacknwskuumgkdlgi.servicebus.windows.net storsyncnwskuumgkdlgi.blob.core.windows.net storhealnwskuumgkdlgi.blob.core.windows.net storgatwnwskuumgkdlgi.blob.core.windows.net google.com`	Access control	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`serbusd5ikjp5levj7i.servicebus.windows.net evhubd5ikjp5levj7i.servicebus.windows.net evhubbackd5ikjp5levj7i.servicebus.windows.net storsyncd5ikjp5levj7i.blob.core.windows.net storheald5ikjp5levj7i.blob.core.windows.net storgatwd5ikjp5levj7i.blob.core.windows.net`	Access control	Connection to Synergis.

European datacenters

The following network ports must be open for systems hosted in European datacenters.


Outbound port	Endpoint domain	Required by	Port usage
UDP 123	Network Time Protocol (NTP) servers are selected from the following sources (highest priority to lowest priority): Manual NTP configuration in the appliance portal. DHCP Default NTP servers: time1.google.com time2.google.com time3.google.com time4.google.com pool.ntp.org	Edge OS	Connection to an NTP server.
ICMP ping	8.8.8.8	Edge OS	Diagnostics to indicate if the appliance can reach a global, public endpoint.
UDP 53	DNS servers are selected from the following sources (highest to lowest priority). Manual DNS configuration in the appliance portal. DHCP Default DNS servers: 1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4	Edge OS	Connection to a DNS server.
TCP 443	Recommended: .genetec.cloud .genetec.com Current service endpoints: westeu.firmwarerepository.edge.genetec.cloud login.genetec.com	Edge OS	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`global.azure-devices-provisioning.net genetec-dm-hub-prod-weu-0.azure-devices.net edgeosprodweuappstore.azurecr.io edgeosprodweuappstore.westeurope.data.azurecr.io edgeosprodweuappstore.northeurope.data.azurecr.io prod0weufwimages.blob.core.windows.net prod0weudevicesmgmt.blob.core.windows.net prod0weudevicesdiags.blob.core.windows.net eastus2-3.in.applicationinsights.azure.com eastus2.livediagnostics.monitor.azure.com`	Edge OS	Endpoints required for connecting to and managing Genetec Cloudlink appliances.
TCP 443	Recommended: .genetec.cloud Current service endpoints:* westeu.video.genetec.cloud westeurope.tds.genetec.cloud	Video	Connection for live video streaming, video recording, and video playback.
TCP 554	Recommended: .genetec.cloud Current service endpoint:* rtsp.westeu.video.genetec.cloud	Video	Connection for RTSP streaming.
TCP 443	tds1westeuhorizon.blob.core.windows.net tds2westeuhorizon.blob.core.windows.net tds3westeuhorizon.blob.core.windows.net tds4westeuhorizon.blob.core.windows.net tds5westeuhorizon.blob.core.windows.net tds6westeuhorizon.blob.core.windows.net tds7westeuhorizon.blob.core.windows.net tds8westeuhorizon.blob.core.windows.net weuscsaas01.blob.core.windows.net weuscsaas02.blob.core.windows.net weuscsaas03.blob.core.windows.net weuscsaas04.blob.core.windows.net weuscsaas05.blob.core.windows.net weuscsaas06.blob.core.windows.net weuscsaas07.blob.core.windows.net weuscsaas08.blob.core.windows.net weuscsaas09.blob.core.windows.net weuscsaas10.blob.core.windows.net weuscsaas11.blob.core.windows.net weuscsaas12.blob.core.windows.net weuscsaas13.blob.core.windows.net weuscsaas14.blob.core.windows.net weuscsaas15.blob.core.windows.net weuscsaas16.blob.core.windows.net	Video	Endpoints for video recording and video playback that support load balancing and resiliency.
TCP 1935 UDP 1935	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Video	Interactive Connectivity Establishment (ICE) TCP in Web Real-Time Communication (WebRTC) for live streaming.
UDP 3478 TCP 3478 UDP 443 TCP 443 UDP 80 TCP 80	turn.video.geneteccloud.com stun.relay.metered.ca global.relay.metered.ca	Video	Traversal Using Relays around NAT (TURN) server and Session Traversal Utilities for NAT (STUN) servers for live WebRTC video streaming.
TCP 2624	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Intrusion	Connection for intrusion.
TCP 443	`*.geneteccloud.com serbusnwskuumgkdlgi.servicebus.windows.net evhubnwskuumgkdlgi.servicebus.windows.net evhubbacknwskuumgkdlgi.servicebus.windows.net storsyncnwskuumgkdlgi.blob.core.windows.net storhealnwskuumgkdlgi.blob.core.windows.net storgatwnwskuumgkdlgi.blob.core.windows.net google.com`	Access control	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`serbusmese6xxndjusg.servicebus.windows.net evhubmese6xxndjusg.servicebus.windows.net evhubbackmese6xxndjusg.servicebus.windows.net storsyncmese6xxndjusg.blob.core.windows.net storhealmese6xxndjusg.blob.core.windows.net storgatwmese6xxndjusg.blob.core.windows.net`	Access control	Connection to Synergis.

Korean datacenters

The following network ports must be open for systems hosted in Korean datacenters.


Outbound port	Endpoint domain	Required by	Port usage
UDP 123	Network Time Protocol (NTP) servers are selected from the following sources (highest priority to lowest priority): Manual NTP configuration in the appliance portal. DHCP Default NTP servers: time1.google.com time2.google.com time3.google.com time4.google.com pool.ntp.org	Edge OS	Connection to an NTP server.
ICMP ping	8.8.8.8	Edge OS	Diagnostics to indicate if the appliance can reach a global, public endpoint.
UDP 53	DNS servers are selected from the following sources (highest to lowest priority). Manual DNS configuration in the appliance portal. DHCP Default DNS servers: 1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4	Edge OS	Connection to a DNS server.
TCP 443	Recommended: .genetec.cloud .genetec.com Current service endpoints: centralkr.firmwarerepository.edge.genetec.cloud login.genetec.com	Edge OS	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`global.azure-devices-provisioning.net genetec-dm-hub-prod-ckr-0.azure-devices.net edgeosprodckrappstore.azurecr.io edgeosprodckrappstore.koreacentral.data.azurecr.io prod0ckrfwimages.blob.core.windows.net prod0ckrdevicesmgmt.blob.core.windows.net prod0ckrdevicesdiags.blob.core.windows.net eastus2-3.in.applicationinsights.azure.com eastus2.livediagnostics.monitor.azure.com`	Edge OS	Endpoints required for connecting to and managing Genetec Cloudlink appliances.
TCP 443	Recommended: .genetec.cloud Current service endpoints:* centralkr.video.genetec.cloud centralkorea.tds.genetec.cloud	Video	Connection for live video streaming, video recording, and video playback.
TCP 554	Recommended: .genetec.cloud Current service endpoint:* rtsp.centralkr.video.genetec.cloud	Video	Connection for RTSP streaming.
TCP 443	tds1ckrhrz.blob.core.windows.net tds2ckrhrz.blob.core.windows.net tds3ckrhrz.blob.core.windows.net tds4ckrhrz.blob.core.windows.net tds5ckrhrz.blob.core.windows.net tds6ckrhrz.blob.core.windows.net tds7ckrhrz.blob.core.windows.net tds8ckrhrz.blob.core.windows.net ckrscsaas01.blob.core.windows.net ckrscsaas02.blob.core.windows.net ckrscsaas03.blob.core.windows.net ckrscsaas04.blob.core.windows.net ckrscsaas05.blob.core.windows.net ckrscsaas06.blob.core.windows.net ckrscsaas07.blob.core.windows.net ckrscsaas08.blob.core.windows.net ckrscsaas09.blob.core.windows.net ckrscsaas10.blob.core.windows.net ckrscsaas11.blob.core.windows.net ckrscsaas12.blob.core.windows.net ckrscsaas13.blob.core.windows.net ckrscsaas14.blob.core.windows.net ckrscsaas15.blob.core.windows.net ckrscsaas16.blob.core.windows.net	Video	Endpoints for video recording and video playback that support load balancing and resiliency.
TCP 1935 UDP 1935	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Video	Interactive Connectivity Establishment (ICE) TCP in Web Real-Time Communication (WebRTC) for live streaming.
UDP 3478 TCP 3478 UDP 443 TCP 443 UDP 80 TCP 80	turn.video.geneteccloud.com stun.relay.metered.ca global.relay.metered.ca	Video	Traversal Using Relays around NAT (TURN) server and Session Traversal Utilities for NAT (STUN) servers for live WebRTC video streaming.
TCP 2624	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Intrusion	Connection for intrusion.
TCP 443	google.com Recommended: *.geneteccloud.com	Access control	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`serbusmzzgywtnmm45w.servicebus.windows.net evhubmzzgywtnmm45w.servicebus.windows.net evhubbackmzzgywtnmm45w.servicebus.windows.net storsyncmzzgywtnmm45w.blob.core.windows.net storhealmzzgywtnmm45w.blob.core.windows.net storgatwmzzgywtnmm45w.blob.core.windows.net`	Access control	Connection to Synergis.

UK datacenters

The following network ports must be open for systems hosted in UK datacenters.


Outbound port	Endpoint domain	Required by	Port usage
UDP 123	Network Time Protocol (NTP) servers are selected from the following sources (highest priority to lowest priority): Manual NTP configuration in the appliance portal. DHCP Default NTP servers: time1.google.com time2.google.com time3.google.com time4.google.com pool.ntp.org	Edge OS	Connection to an NTP server.
ICMP ping	8.8.8.8	Edge OS	Diagnostics to indicate if the appliance can reach a global, public endpoint.
UDP 53	DNS servers are selected from the following sources (highest to lowest priority). Manual DNS configuration in the appliance portal. DHCP Default DNS servers: 1.1.1.1 8.8.8.8 1.0.0.1 8.8.4.4	Edge OS	Connection to a DNS server.
TCP 443	Recommended: .genetec.cloud .genetec.com Current service endpoints: southuk.firmwarerepository.edge.genetec.cloud login.genetec.com	Edge OS	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`global.azure-devices-provisioning.net genetec-dm-hub-prod-suk-0.azure-devices.net edgeosprodsukappstore.azurecr.io edgeosprodsukappstore.uksouth.data.azurecr.io prod0sukfwimages.blob.core.windows.net prod0sukdevicesmgmt.blob.core.windows.net prod0sukdevicesdiags.blob.core.windows.net eastus2-3.in.applicationinsights.azure.com eastus2.livediagnostics.monitor.azure.com`	Edge OS	Endpoints required for connecting to and managing Genetec Cloudlink appliances.
TCP 443	Recommended: .genetec.cloud Current service endpoints:* southuk.video.genetec.cloud southuk.tds.genetec.cloud	Video	Connection for live video streaming, video recording, and video playback.
TCP 554	Recommended: .genetec.cloud Current service endpoint:* rtsp.southuk.video.genetec.cloud	Video	Connection for RTSP streaming.
TCP 443	tds1sukhrz.blob.core.windows.net tds2sukhrz.blob.core.windows.net tds3sukhrz.blob.core.windows.net tds4sukhrz.blob.core.windows.net tds5sukhrz.blob.core.windows.net tds6sukhrz.blob.core.windows.net tds7sukhrz.blob.core.windows.net tds8sukhrz.blob.core.windows.net sukscsaas01.blob.core.windows.net sukscsaas02.blob.core.windows.net sukscsaas03.blob.core.windows.net sukscsaas04.blob.core.windows.net sukscsaas05.blob.core.windows.net sukscsaas06.blob.core.windows.net sukscsaas07.blob.core.windows.net sukscsaas08.blob.core.windows.net sukscsaas09.blob.core.windows.net sukscsaas10.blob.core.windows.net sukscsaas11.blob.core.windows.net sukscsaas12.blob.core.windows.net sukscsaas13.blob.core.windows.net sukscsaas14.blob.core.windows.net sukscsaas15.blob.core.windows.net sukscsaas16.blob.core.windows.net	Video	Endpoints for video recording and video playback that support load balancing and resiliency.
TCP 1935 UDP 1935	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Video	Interactive Connectivity Establishment (ICE) TCP in Web Real-Time Communication (WebRTC) for live streaming.
UDP 3478 TCP 3478 UDP 443 TCP 443 UDP 80 TCP 80	turn.video.geneteccloud.com stun.relay.metered.ca global.relay.metered.ca	Video	Traversal Using Relays around NAT (TURN) server and Session Traversal Utilities for NAT (STUN) servers for live WebRTC video streaming.
TCP 2624	Important: Ensure that you include the Cloud Security Center Virtual Machine associated with your system in your allowlist. Recommended: .gsc-cloud.com Current service endpoint:* {YourClientSpecificSCVirtualMachines}.gsc-cloud.com	Intrusion	Connection for intrusion.
TCP 443	google.com Recommended: *.geneteccloud.com	Access control	Connection between Genetec Cloudlink and Security Center SaaS.
TCP 443	`serbussjrfguy7ssisi.servicebus.windows.net evhubsjrfguy7ssisi.servicebus.windows.net evhubbacksjrfguy7ssisi.servicebus.windows.net storsyncsjrfguy7ssisi.blob.core.windows.net storhealsjrfguy7ssisi.blob.core.windows.net storgatwsjrfguy7ssisi.blob.core.windows.net`	Access control	Connection to Synergis.

Network communication with cameras

For video, the following ports must be open for local cameras. Opening these ports ensures that the Cloudlink appliance can connect to the cameras, manage them, and stream video.


Inbound port	Outbound port	Port usage
	TCP 443 TCP 80	Camera connections HTTPS on port 443 is preferred. Cloudlink appliances only fall back to HTTP on port 80 if secure communication isn’t available.
	TCP 554	RTSP for video requests.
	UDP 3702	Camera discovery requests on 239.255.255.250 (multicast).
UDP 10000 to 10599		Real-Time Transport Protocol (RTP) and Real-time Transport Control Protocol (RTCP) communication from cameras to the Cloudlink appliance.
UDP 5353	UDP 5353	Camera discovery.
UDP 20000		Camera discovery responses.

Network communication with intrusion panels

Open the following ports to enable communication between intrusion panels and the Intrusion app (Genetec Intrusion Bridge) on Cloudlink appliances. The ports allow the appliance to connect to panels and exchange events and commands.


Inbound port	Outbound port	Port usage
	TCP 2624	Connecting the Intrusion app (Genetec™ Intrusion Bridge) on the Cloudlink appliance to the Genetec™ Intrusion Protocol extension in Security Center SaaS.
	TCP 7700	The default port for sending and receiving commands between Bosch intrusion panels and the Intrusion app (Genetec Intrusion Bridge) on the appliance.