External resources used by the Boomerang appliance.
All Boomerang communication to Amazon Web Services (AWS) APIs are over https on tcp port 443, this includes replication and deployment.
If you are required to further tighten the security of your network and restrict access to just a region or specific IP’s in AWS, a comprehensive list of AWS’s ip ranges per region and service can be found here (https://ip-ranges.amazonaws.com/ip-ranges.json).
If you are are required to restrict to known IP ranges and locations, the following locations should be included in the allow list:
- License verification will connect to `unitrends-license.vtc.io‘ on https on tcp port 443. The functionality of Boomerang will be affected if this is blocked.
- Upgrade patches will be obtained from `download.vmboomerang.com` on http on tcp port 80. The appliance won't be able to receive upgrades if this is blocked.
- Remote logging will upload over https on tcp 443 to: unitrends.vta.log.s3.amazonaws.com in us-west-2. This will not affect functionality of the software if access is blocked.
- Further remote monitoring is performed using Google analytics – this will send requests to the google analytics service, over https on tcp port 443 from the client being used to access the web user interface. This will not affect functionality of the software if access is blocked.