What firewall rules are required?
Our devices only use outbound HTTPS requests (port 443) for their communications with Enplug.
They do not have any 'listening inbound' ports open, as that constitutes an unnecessary and often unacceptable security risk. Even when content is updated seemingly 'on-the-fly', it is using a pure pull mechanism from the devices to the servers, never the other way around.
Are other ports ever used?
If you plan on displaying content from a website (using the webpage app), we recommend that web site be accessible through HTTPS rather than HTTP. In the case you do decide to connect to a third-party web site using HTTP, you would have to open outbound port 80 on your firewall, at least to that web site's domain.
Will this device only be communicating with Enplug’s servers?
The device does communicate with third-party services.
For example, for social media, the devices connects directly with Instagram and Twitter’s APIs.
As described above, if you configure the webpage app to connect to a third-party web site, the device will directly communicate with that web site.
Devices also rely on Amazon AWS-SQS to receive commands and messages (again, over HTTPS using pure pull mechanism, never push).
How are the devices protected? What security measures are put in place?
Communication between Enplug and a device is protected using secure, token-based authentication. Your data is protected with SSL encryption using servers hosted at a state-of-the-art SSAE-16 certified, Sarbanes-Oxley (SOX) compliant data center.
Does the device come installed with virus protection, and if so, how often is it updated?
The device doesn’t come installed with specific virus protection, but rest assured that we don’t install any untrusted third-party software and strip the Android OS down to the bare minimum that is required to run our player software.
Are the devices are IPV4 and IPV6 compatible?
The devices are IPV4-compatible, but not compatible with IPV6.