Airside Sync IT Requirements¶
The Airside Sync mobile app requires the following network permissions:
Outgoing connections to the Internet on TCP port 443 (HTTPS). Airside Sync uses a standards based OpenID Connect login form which is served from our authentication partner (Microsoft Azure). Normal web browsing permissions are required to access the login form. Additionally the documentation and service information which is available in the mobile app use HTTPS to load content.
Outgoing connections to the Internet on TCP port 3840 (gRPC/HTTP2). Airside Sync uses gRPC (RPC over HTTP/2) for communication with the Airside Sync Cloud service.
No incoming connection permissions are required.
Compatibility with NAT, VPNs, Firewalls, and Proxies¶
Airside Sync is compatible with any network solution that does not alter the carried network traffic at the application level, such as normal NAT routers, VPNs, and firewalls. Proxies that do not alter the carried traffic, such as a normal SOCKS5 proxy, are also compatible.
The gRPC connection to the Airside Sync Cloud uses certificates issued by Safe Sky Industries. This connection is not compatible with HTTP/HTTPS-only proxies, nor with man-in-the-middle style network inspection devices. Such devices rely on the ability to generate HTTPS certificates on the fly and have them be accepted by the client application, which will not be the case with Airside Sync. The connection itself is also a bi-directional realtime HTTP/2 stream which by itself is not compatible with most HTTPS inspection proxies.
Security Assessment & Pen Testing¶
The Airside Sync mobile app and web service is assessed by an independent security firm on a yearly basis. The assessment report is available upon request.