Korbyt Player Network Connections

Whitelist, Port Access, and Network Diagrams for Korbyt Player connections

Written By Ed Kinne

Last updated 2 days ago

Whitelist and Port Access

Whitelist, DNS

  • The Media Player needs to be assigned a DNS server from DHCP or manually.

  • The Media Player needs to be able to reach a DNS server(step 1) that can resolve our external domain name (*.korbyt.com)

  • Whitelist Korbyt.com – *.korbyt.com will need to be whitelisted in order for subdomains and external sources to be able to be accessed.

    • Note: Domain whitelisting must be used because IP addresses for Korbyt are dynamically assigned.

    • For a Point of Interest - The following is the list of the AWS IP addresses to add to your firewall. Amazon may update these IPs at any time.

    • Again, Korbyt Requires Domain Whitelisting due to the Dynamic nature of the IP assignment

Full Cloud - Ports Needed

  • Port 443 Outbound – is required for the players to connect to Korbyt in the cloud.

  • Port 443 Inbound – is required for access to the web interface of the players (from your INTERNAL network only, not inbound from the cloud)

Hybrid Cloud & On Premises - Ports Needed

  • Port 443 Outbound – is required for the players to connect to Korbyt in the cloud.

  • Port 443 Inbound – is required for access to the web interface of the players (from your INTERNAL network only, not inbound from the cloud)

  • Port 80 Outbound – is required for Hybrid installs in addition to those listed above

  • Port 8081 Outbound – (Content Caching Service) is required for Hybrid installs in addition to those listed above. This port is also used for communication from the players to the On-Prem server.

  • Port 8085 Outbound – (Web Services) is required for Hybrid, in addition to those listed above. This port is also used for communication from the players to the On-Premises server.

On Premises - Ports Needed

  • Standard

    • Port 80 Inbound – Access to player content and CMS interface

    • Port 8085 Inbound – Web Services

  • HTTPS (using a well-qualified certificate)

    • Port 443 Inbound – is required for access to the web interface of the players (from your INTERNAL network only, not inbound from the cloud)

      • All traffic from Port 80 & Port 8085 is redirected to Port 443

Instant Screenshots - Ports Needed

For Instant Screenshots to function, you need to open the following ports

  • MQTT Port 1883

  • MQTT Port 8883

More information on this feature can be found at Korbyt Instant Screenshots

BrightSign Additional Permissions

If you are using BrightSign devices, you may have to configure additional permissions in your network to allow BrightSign functionality.
This BrightSign support article provides details on BrightSign specifc Whitelist requirements– BrightSign Player Access Requirements

If you have a custom configuration in your Korbty service, additional ports and whitelisting may also be required.

Korbyt Network Diagrams

Can be found in Korbyt Network Architecture Diagrams

Routine Network Communications

Communication between the player and the server is over HTTPS RESTful web services.
There are four communications:

  • Heartbeat – every 1 min

    • A simple signal from the player that is used to confirm network connection and establish synchronization of other commands

  • Check-in – every rolling 15 mins

    • A process of the player examining its assigned content for any changes

    • This is when any published changes or automated content will be seen

    • It is possible to trigger check-ins on the next heartbeat by saving a playlist, or manually triggered by Action on the Player details page in the CMS

  • Screenshot – Automatically once, 30 seconds after player startup

    • Then it can be manually triggered by Action onthe Player details page in the CMS

  • Sendlogs – Triggered by Action on Player details page in the CMS

For more information on Player Actions, see Player Settings - Controlling and Configuring Media Players in the CMS