Airside Sync IT Requirements¶
The Airside Sync app requires the following network permissions:
Outgoing connections to the Internet on TCP port 443 (HTTPS). The browser-based Airside Sync client uses WebSockets over HTTPS for communication with the Airside Sync Cloud service.
Additionally, Airside Sync on all platforms use a standards-based OpenID Connect login form which is served from our authentication partner (Microsoft Azure). Normal web browsing permissions are required to access the login form.
The documentation and service information which is available in the mobile and browser-based apps also use HTTPS to load content.
Outgoing connections to the Internet on TCP port 3840 (gRPC/HTTP2). Airside Sync on mobile platforms uses gRPC (RPC over HTTP/2) for communication with the Airside Sync Cloud service.
No incoming connection permissions are required.
Compatibility with NAT, VPNs, Firewalls, and Proxies¶
Airside Sync is compatible with any network solution that does not alter the carried network traffic at the application level, such as normal NAT routers, VPNs, and firewalls. Proxies that do not alter the carried traffic, such as a normal SOCKS5 proxy, are also compatible.
The gRPC connection to the Airside Sync Cloud uses certificates issued by Safe Sky Industries. This connection is not compatible with HTTP/HTTPS-only proxies, nor with man-in-the-middle style network inspection devices. Such devices rely on the ability to generate HTTPS certificates on the fly and have them be accepted by the client application, which will not be the case with Airside Sync. The connection itself is also a bi-directional realtime HTTP/2 stream which by itself is not compatible with most HTTPS inspection proxies.
The HTTPS connection used by the browser-based Airside Sync client requires WebSockets, which are not compatible with some proxies. The Airside Sync mobile app will not work with proxies that do not support or permit WebSockets.
Security Assessment & Pen Testing¶
The Airside Sync mobile app and web service is assessed by an independent security firm on a yearly basis. The assessment report is available upon request.
