Airside Sync IT Requirements

Network Connectivity

The Airside Sync app requires the ability to make outgoing connections to the Internet on TCP port 443 (HTTPS). It is not bandwidth intensive and generally any regular WiFi or 4G/5G cellular data connection is sufficient. The mobile app uses gRPC over TLS (HTTP/2) to communicate with the Airside Sync Cloud service. The browser-based client uses gRPC-Web over WebSockets for the same purpose.

Additionally, Airside Sync on all platforms use a standards-based OpenID Connect login form which is served from our authentication partner (Microsoft Azure). Normal web browsing permissions are required to access the login form.

The documentation and service information which is available in the mobile and browser-based apps also use HTTPS to load content.

No incoming connections are required.

If whitelisting is required, the following domains should be allowed:

• *.safe-sky.net

• *.api.safe-sky.net

• *.app.safe-sky.net

Compatibility with NAT, VPNs, Firewalls, and Proxies

Airside Sync is compatible with any network solution that does not alter the carried network traffic at the application level; such as normal NAT routers, VPNs, and firewalls. Proxies that do not alter the carried traffic, such as a normal SOCKS5 proxy, are also compatible.

The gRPC and WebSocket connections used by the Airside Sync are generally not compatible with HTTP/HTTPS proxies, nor with man-in-the-middle style network inspection devices. Safe Sky Industries make no guarantees of compatibility with such devices.

Security Assessment & Pen Testing

The Airside Sync mobile app and web service is assessed by an independent security firm on a yearly basis. The assessment report is available upon request.