No Inbound Access needed
The Monitoring Client accepts no incoming network traffic. No port forwarding or additional configuration is required.
Since the Monitoring Client submits hourly reports via an https post, it is compatible with most firewalls and proxies.
The Monitoring Client's hourly http(s) submission is compatible the majority of proxy-servers.
There is currently no support for authenticated proxies.
Outbound Traffic Rules
If an organization chooses to create a manual pinhole, the settings are:
The Monitoring Client will use the system's DNS configuration to resolve its hosted server (at *.monitoringclient.com)
The IP Addresses to whitelist are:
By default, the report is submitted to port 443 of the Watchman Monitoring server. HTTP reporting on port 80 is an option available in the PreferencePane of the Monitoring Client.
Separate rules for auto-updating
The auto-update process relies on a separate validation server, and access to Amazon's S3 network.