Description: Review the below reference guide with instructions, recommendations, and/or best practices of the Appetize Technologies, Inc. (herein referred to as “Appetize”) platform. This document is intended for use by any personnel involved with installing, using, supporting, and/or maintaining the Appetize platform. The reader should be familiar with the Appetize platform, current technology, and basic networking concepts.
- Data Flow Diagram
- Network Connectivity
- Network Bandwidth
- Network Endpoints
- Payment Device Management Technical Resources
Warranties
Appetize Technologies, Inc. makes no warranty about this material. Any information in this guide that you can change without notice. No part of this guide may be reproduced or transmitted in any form or by any means without expressed written permission of Appetize Technologies, Inc. Best efforts will be made to ensure the information in this guide is correct and complete. However, Appetize Technologies, Inc. shall not be liable for errors contained herein or for damages in connection with the use of this guide.
Please contact Appetize Technologies, Inc. for a copy of the current version of this guide and all other documentation.
Trademarks
All trademarks are property of their respective owners.
Contact
Appetize Technologies, Inc.
6601 Center Dr W, Los Angeles, CA 90094
support@appetize.com
Data Flow Diagram
Network Connectivity
Appetize hardware communicates directly with the server to perform nearly all functions. The Appetize client hardware communicates with the server over a standard network connection, using 802.3 wired Ethernet, 802.11 wireless networking or cellular technology. Traffic sent over a secure connection always uses the currently recommended security protocol, which is, as of the date of this document, TLS 1.2 across all endpoints.
Network Bandwidth
Various variables contribute to the bandwidth requirements, which can be estimated more concisely through the Appetize estimation process. Generally, the bandwidth required to support the Appetize system is estimated at approximately 30Kbps per terminal.
Network Endpoints
Ports
This is the current list of ports used by the Appetize platform as of the date of this document.
|
Port #
|
Description
|
|---|---|
| 443 | Secure Connection to Hosted Environment (HTTPS) |
| 80 | HTTP |
| 5223, 2195, 2196 | APNS - Apple Push Notification Service |
| 5228, 5229, 5230 | GCM - Google Cloud Messaging |
| 123 (UDP) | NTP, not required but recommended |
| 1337 | KDS |
IP Addresses
This is the current list of URLs and IP addresses used by the Appetize platform as of the date of this document. Hostname or URL is strongly preferred since most services are load-balanced and can return a different IP via DNS lookups.
|
Service / URL
|
URL
|
IP
|
Port #
|
|---|---|---|---|
| General Services | api.appetizeapp.com | 34.233.41.53 34.204.232.183 |
80 443 |
| Appetize microservices | *.appetize.services | Domain Whitelisting | 443 |
|
FTP Communications |
ftp.appetizeapp.com |
18.208.39.131 |
22 |
| Connect | connect.appetizeapp.com |
34.234.183.173 |
80 |
| APNS | 17.0.0.0/8 |
5223 2195 2196 |
|
| Google Cloud Messaging | Various |
5228 5229 5230 |
Google does not provide a list of IP addresses. Use ASN 15169
Appetize DNS Dependencies
|
DNS
|
Purpose
|
Provider
|
|---|---|---|
| api.appetizeapp.com | Appetize API Services | Appetize |
| ftp.appetizeapp.com | Activate Diagnostics (port 22) | Appetize |
| *.appetize.services | Appetize microservices | Appetize |
| support.appetizeapp.com | Help Desk & Knowledgebase | Zendesk |
| admin.appetizeapp.com | Admin CMS | Appetize |
| connect.appetizeapp.com | CMS | Appetize |
| oauth.appetizeapp.com | API Key / Auth Services | Appetize |
| api-admin.appetizeapp.com | API Key Admin | Appetize |
| websdk.appetizeapp.com | WebSDK | Appetize |
| cart-calculations.appetizeapp.com | Cart Calculations | Appetize |
| manage.eloview.com | EloView | Elo |
| io.eloview.com | EloView | Elo |
| content.eloview.com | EloView Download Content | Elo |
| device.eloview.com | EloView Upload Device Log | Elo |
| dsq.eloview.com | EloView Device Status Query | Elo |
| olark.com | Live Chat | Olark |
| teamviewer.com | Remote Device Tool | TeamViewer |
| firebase.google.com | Crashlytics Logging | Firebase |
| embrace.io | Embrace Loggin | Embrace |
| ocsp.apple.com | Apple | Apple |
| su.itunes.apple.com | Apple | Apple |
| ax.su.itunesapple.com | Apple | Apple |
| givex.com | Givex | Givex |
| hockeyapp.net | Hockey App | |
| google.com | Push Notifications |
Previously, when looking up “api.appetizeapp.com,” a single IP would be returned, even though three were assigned to api.appetizeapp.com: 1.2.3.4, 1.2.3.5, 1.2.3.6, for example. A firewall could do a lookup and get "54.85.232.179" and would whitelist that IP. However, the POS client doing the same lookup would get 34.195.45.87, but the firewall would block it because it only opened up 54. IP.
Currently, when looking up api.appetizeapp.com, all three IPs are returned, and one is selected and utilized randomly. If that one fails, it automatically tries the second, and so forth.
Device Management
This is the current list of endpoints used for device management, which could include features such as application installation, software upgrades, remote device updates, and other administrative tasks. While these endpoints are not required for the operation of the Appetize platform per se, it is strongly recommended to allow these connections.
As with the Appetize IP addresses above, these could change if a CDN or load balancer is used to deliver the service.
|
Description
|
URL
|
IP
|
Port #
|
|---|---|---|---|
| EloView | manage.eloview.com | 104.16.171.243 104.16.170.243 |
443 |
| EloView | io.eloview.com | 104.16.171.243 104.16.170.243 |
443 |
| PAX Store | Various |
PPC Port 9080 443 443 443 3000 3000 |
|
| Airwatch | 63.128.77.234 209.66.96.114 63.128.77.238 209.208.228.192 209.208.228.198 216.235.137.253 192.30.64.1 to 192.30.79.254 |
80 443 |
|
| Airwatch | APNS | 17.0.0.0/8 | 5223, 2195, 2196 |
| Airwatch | GCM | Various | 5228, 5229, 5230 |
| AWS S3 | https://appetize-ingenico-prod.s3.amazonaws.com | PinPad Updates |
Payment Device Management Technical Resources
Gateway PAX End-Points:
|
Primary Auth URL Primary Batch URL |
prodgate02.viaconex.com | 443 |
Gateway (FuseBox) End-Points:
- Simplify uses port 7000 to reach out to the Fusebox gateway, in all versions, using TLS1.2 over TCP/IP.
- Custom application calls DIRECTLY to the Fusebox gateway need to use port 7500 instead, with TLS1.2 over TCP/IP.
|
Description
|
URL
|
IP
|
Port #
|
|---|---|---|---|
| Fusebox Gateway Prod Knoxville IP |
Fusebox Gateway Prod URL -https://fuseboxtrant.elavon.net |
198.203.192.253 | 7000, 7500 |
| Fusebox Gateway Prod Atl IP |
Fusebox Gateway Prod URL -https://fuseboxtrant.elavon.net |
198.203.191.116 |
7000, 7500 |
| Fusebox Test Gateway |
Fusebox Gateway Test URL -https://gatewaydemomoc.elavon.net |
198.203.192.251 |
7000, 7500 |
|
Elavon
|
URL
|
Port #
|
|---|---|---|
| HEM Test Host Name | 6423 | |
| HEM Test Heartbeat Host Name |
3020 |
|
| HEM Prod Host Name | termupdate.elavon.net | 6423 |
| HEM Prod Heartbeat Host Name | termupdate.elavon.net | 3020 |
|
Ingestate End-Points (for Telium Series Terminals)
|
HEM End-Points (for Tetra Series Terminals) |
|---|---|
|
|
Comments
0 comments
Please sign in to leave a comment.