Appearance
Firewall operations
Customer networks are the norm for commercial IoT deployments. Devices sit behind NAT, corporate firewalls, and ISP routers you do not control.
Why traditional access fails
Port forwarding requires:
- Administrative access to the customer's router
- A static local IP for each device
- Inbound firewall exceptions
- Coordination with customer IT for every deployment
VPN access requires:
- VPN server setup and maintenance
- Customer IT to allow VPN traffic
- Per-user VPN accounts and credential management
How Dataplicity works in customer networks
The agent makes outbound HTTPS connections only. If the device can reach the internet (the same way it would reach any HTTPS website), Dataplicity works.
No inbound ports. No customer firewall changes in most cases.
Restricted networks
Some customer networks filter outbound HTTPS. In that case, allow these hosts on TCP port 443. See Firewall requirements:
api.dataplicity.comm2m.dataplicity.com
Provide this list to customer IT during deployment planning.
When to use this
- Devices deployed to customer-owned facilities
- Retail, industrial, agricultural, or municipal sites
- Any environment where you cannot configure the local router