Articles in this section

See more

Micros RES Firewall Site Setup

Avatar
Scott Morgan
Updated Print PDF

Network Firewall and Anti-Virus Setup
PUNCHH Firewall rules. Confirm that the following FQDN (Fully Qualified Domain Names) endpoints are properly whitelisted in the site's firewall/router
(PUNCHH DOES NOT SUPPORT FIREWALL RULES USING IP ADDRESSES):

NETWORK FIREWALL CONFIGURATION

ALLOW

TCP using port 443
FROM: POS BOH SERVER
TO:
api.punchh.com - Punchh check-in and redemption transactions
pos.punchh.com - Punchh check-in and redemption transactions, Punchh application configuration & update server
isl.punchh.com - Punchh check and barcode details
poslogs.punchh.com - Punchh log file repository (Being Deprecated)
loguploads.punchh.com - New Punchh log file repository 

(Optional - For use in the case of assistance by Punchh Support to monitor reliability of site Internet connection)

ALLOW

REPLY ICMP 
FROM:
pinger.punchh.com - Punchh zabbix connectivity monitoring server
TO:
Firewall WAN interface


ALLOW
Web Surfing

ALLOW
FROM:
POS BOH File Server
TO:
https://*.punchh.com

SOFTWARE FIREWALL and ANTI-VIRUS AND APPLICATION WHITELISTING CONFIGURATION

ALLOW 
Downloads of exe & dll files in ZIP files Authorized:

FROM 
https://pos.punchh.com - Punchh application configuration & update server

Verify that the following directories and sub-directories are excluded from AntiVirus, real time scanning on the POS BOH Server and also whitelisted in the software application control for the POS terminals. Files in this folder need to be able to be updated and automatically added to the POS BOH PC application whitelist when updated by our update service.

c:\Program Files\Punchh\*

or
c:\Program Files (x86)\Punchh\*


Application Whitelist Control - Organizational Whitelisting

If your AV/Application whitelisting system provides the ability to approve applications that are cryptographically signed by specific organizations add:

PUNCHH INC (punchh.com)

as a trusted application provider to ensure updates downloaded to the site are not blocked by your Application Whitelist Control system


NETWORK FIREWALL VALIDATION

From the POS BOH PC open a web browser and navigate to the following web pages:

https://isl.punchh.com/ping
https://pos.punchh.com/ping
https://api.punchh.com/ping
https://poslogs.punchh.com/ping
https://loguploads.punchh.com/ping

Each web page should return a plain white page with OK or Healthy. If any page doesn't return either of these messages, the firewall needs to be reviewed to ensure the correct FW rules are in place.