Introduction

These are the network requirements for the cloud solution based on Azure Virtual Desktop (Windows Virtual desktop). It does not describe the old cloud solution based on Citrix or the ASP solution.

Client

One of the Remote Desktop clients mentioned below.

Bandwidth depends on the usage and resolution. A minimum of 150 Kbps. File transfer and printing may demand higher bandwidth. 1Mbps or more recommended.

Latency lower than 200 ms. Latency may be checked for West Europe, South West US 2, and South East Asia (depending on which location your installation is set up on) at https://azure.microsoft.com/en-gb/services/virtual-desktop/assessment/

Support for TLS 1.2 using the chiphers

• TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

• TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

• TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

• TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

Outbound access to TCP port 443 for the following destinations:

• *.wvd.microsoft.com

• *.servicebus.windows.net

• microsoft.com

• ms

• microsoft.com

• microsoft.com

• prod.cms.rt.microsoft.com

Outbound access to TCP port 80 and 443 for the following destinations:

• *.msftidentity.com

• *.msidentity.com

• activedirectory.windowsazure.com

• accesscontrol.windows.net

• microsoftonline.com

• passwordreset.microsoftonline.com

• microsoftazuread-sso.com

• microsoftonline.com

• microsoftonline-p.net

• microsoftonline.com

• login.microsoftonline.com

• microsoft.com

• windows.net

• microsoft.com

• microsoftonline.com

• microsoftonline-p.com

• windows.net

• microsoftonline.com

• microsoftonline.com

• login-us.microsoftonline.com

• microsoftonline-p.com

• microsoftonline.com

• microsoftonline.com

• 190.128.0/18

• 126.0.0/18

• 2603:1006:2000::/48

• 2603:1007:200::/48

• 2603:1016:1400::/48

• 2603:1017::/48

• 2603:1026:3000::/48

• 2603:1027:1::/48

• 2603:1036:3000::/48

• 2603:1037:1::/48

• 2603:1046:2000::/48

• 2603:1047:1::/48

• 2603:1056:2000::/48

• 2603:1057:2::/48
  
  

• *.hip.live.com

• *.microsoftonline.com

• *.microsoftonline-p.com

• *.msauth.net

• *.msauthimages.net

• *.msecnd.net

• *.msftauth.net

• *.msftauthimages.net

• *.phonefactor.net

• windows.net

• azure.com

• dc.ad.msft.net
  
  

• *.entrust.net

• *.geotrust.com

• *.omniroot.com

• *.public-trust.com

• *.symcb.com

• *.symcd.com

• *.verisign.com

• *.verisign.net

• identrust.com

• digicert.com

• int-x3.letsencrypt.org

• globalsign.com

• globalsign.net

• identrust.com

• microsoft.com

• digicert.com

• digicert.com

• trustid.ocsp.identrust.com

• microsoft.com

• digicert.com

• globalsign.com

• msocsp.com

• globalsign.com

• digicert.com

• globalsign.com

• digicert.com

• microsoft.com

Windows Desktop client

Windows 10 or Windows 7 (Windows 8 is not supported). The client from one of the following links matching your Windows system

64 bit systems (https://go.microsoft.com/fwlink/?linkid=2068602)

32 bit systems (https://go.microsoft.com/fwlink/?linkid=2098960)

Mac client

macOS 10.12 or later. 

Download (https://apps.apple.com/app/microsoft-remote-desktop/id1295203466?mt=12)

Web client

Any HTML5 compatible browser, but no mobile OS support. IE 11 will no longer be supported. For Firefox the version must be version 55 or later.

Note that the web client has some restrictions in regard to functionality, specifically accessing local resources (like saving/opening files)

Email

Own email servers or an office365 account.

Allowed Ports: 443, 465, 587

Port 25 is blocked by Microsoft.

Replication

For replication to/from our Cloud service. FTP or FTPS (Either active or passive) towards the FTP server used for replication.

Active FTP

Outbound TCP to port 21

Outbound TCP to port 990  (FTPS)

Inbound TCP to random port number from port 20 (989 FTPS)

Passive FTP

Outbound TCP to port 21

Outbound TCP to port 5000-6000

Portal

To access the Adonis personnel Portal in a browser, HTTPS protocol over TCP port 443 is used.

3rd party

For integrations with 3^rd parties, we may have to adjust our Firewall configurations.  We will need the protocol, ports(and direction), and destination servers used for those integrations.