On this page, you will find reference material to help you configure Broadsign Control Products with various networking parameters.
Tip: For network access rules covering all Broadsign products, refer to Network Access Rules in the Broadsign Platform documentation.
Note: For detailed information about security features and strategies in Broadsign Control, see Communication Security Distribution.
This section lists the firewall rules to configure.
General Firewall Rules
Warning: Starting with Broadsign Control Player v15.0, we are standardizing Broadsign Control Player to cloud communication ports (443). Outgoing port 443 must be opened so that Broadsign Control Players can communicate with Broadsign Control Server.
| Service | Port | Type | Direction | Destination(s) |
|---|---|---|---|---|
| DSCP: Broadsign Control Information | 10799 | TCP | Outgoing |
Broadsign Control Edge ServerCluster (see Destination Hostnames). Broadsign Control Player self-registration process. |
| CTP: Broadsign Content Downloads | 10805 | TCP | Outgoing |
Broadsign Control Edge Server Cluster (see Destination Hostnames). |
| Broadsign Control Administrator and Broadsign Control Player Login Service | 443 | TCP | Outgoing |
Broadsign Control Production environment (see Destination Hostnames) Mandatory for all aspects of Broadsign Control Player operations. |
Broadsign Publish Firewall Rules
If you require Broadsign Publish (or Broadsign Creator) content, you will need to configure the following networking parameters:
| Broadsign Control Player (BSP) Version # | Port | Type | Direction | Destination(s) |
|---|---|---|---|---|
| BSP v12.1+ | 443 | TCP | Outgoing | Broadsign Publish/Broadsign Creator |
| BSP v12.0 and under | 80 | TCP | Outgoing | Broadsign Publish/Broadsign Creator |
Broadsign Control Live Firewall Rule
If you are using Broadsign Control Live, you will need to configure the following networking parameters:
| Port | Type | Direction |
|---|---|---|
| 443 | TCP | Outgoing |
If you use Broadsign Control API (with either our REST or SOAP architecture), you will need to open a port to allow outbound access. Each protocol has its own hostnames and ports as described below:
REST Architecture
For more information, see Basic Request Structure.
| Hostnames | Port |
|---|---|
|
https://api-sandbox.broadsign.com (sandbox) |
10889 |
| https://api.broadsign.com (production) | 10889 |
SOAP Architecture
For more information, see PHP Developers: Step 4 - Configure your Installation or Java Developers: Step 4 - Configure your Installation.
| Hostnames | Port |
|---|---|
| https://bssopen-sandbox.broadsign.com (sandbox) | 10803 |
| https://bssopen.broadsign.com (production) | 10803 |
| Service | Port | Type | Direction | Destination(s) |
|---|---|---|---|---|
| FTP: Broadsign Remote Diagnostics | 21 | TCP | Outgoing | Broadsign Remote Diagnostics Server |
| HTTP: Broadsign Crash Reporting | 80 | TCP | Outgoing | Broadsign Crash Report Server |
The following destination hostnames are used.
Broadsign Server Cluster (Port 10799 and 10805)
- bss.broadsign.com (for users of Broadsign Control Administrator)
Broadsign Server Cluster (Port 443)
- *.control-prod.broadsign.com (for users of Broadsign Control Administrator and Broadsign Control Player)
Crash Reporting Server (Port 80)
- cr.broadsign.com
Broadsign Remote Diagnostics Server (Port 21)
- pickup.broadsign.com
Sometimes, the IT policy of a site requires to explicitly hard-code the IP addresses of Broadsign Control Server into the firewall rules. We understand that sometimes it is necessary to comply with a third-party IT policy when piggybacking on another network. However, please take note of the following warning:
Warning: Hard-coding the server IPs into a firewall is not recommended. Broadsign reserves the right to change its server IPs at any time. Broadsign is not responsible for service interruptions due to static IP rules set in client firewalls.
Firewall and Static IPs
The IP range of the primary Broadsign Control Server AWS Cloud is:
- 35.183.92.0 to 35.183.92.31
In addition, the following IPs are for disaster recovery purposes and should also be added to any IP-based firewall rules:
- 54.86.56.66
- 54.210.129.218
- 54.210.236.85
- 54.88.254.12
- 54.210.246.96
Broadsign Control Live Add-On
If you are using the Broadsign Control Live add-on, add the following extra IP address ranges to the allow list based on your location:
| Location | IP Address Range |
| United States |
|
| European Union |
|
| Asia |
|
| India |
|
Don't miss an update! Use our