Firewall and bandwidth requirements

Solution Overview

A network appliance or VM is installed on-prem named bcxmonitor.
External connectivity either inbound OR outbound is required from this appliance or VM to monitor.burconix.com (188.39.33.109).
A unique 256-bit pre-shared key is established between the on-prem bcxmonitor and monitor.burconix.com
This encryption key is customer unique and is pre-configured at installation.
The encryption key is only known by your on-prem bcxmonitor and monitor.burconix.com, and is not transmitted over the wire at any time.
The on-prem bcxmonitor communicates with the local devices on your network using a combination of SNMPv1/SNMPv2/SNMPv3/IPMI/ICMP/Zabbix agent and scripts over HTTPS.
This data is then securely transmitted from your on-prem bcxmonitor to monitor.burconix.com using Transport Layer Security (TLS) protocol v1.2 encrypted against the pre-shared key configured at installation.


Option 1 (Active)

The on-prem bcxmonitor is assigned a local static IP address eg: 10.0.0.1
The on-prem bcxmonitor connects outbound to monitor.burconix.com on TCP port 10051


The on-prem bcxmonitor requires external access to monitor.burconix.com (188.39.33.109) on TCP port 10051 in this configuration.


Option 2 (Passive)

The on-prem bcxmonitor is assigned a local static IP address eg: 10.0.0.1
A customer owned external IP address eg: 188.50.60.1 is configured on the customer firewall.
The external IP address eg: 188.50.60.1 mapped through to the local static IP address eg: 10.0.0.1 on TCP port 10051 only.
The external firewall is configured to only accept traffic from monitor.burconix.com (188.39.33.109)


monitor.burconix.com talks inbound to the bcxmonitor appliance in this configuration.