Network Firewall and Anti-Virus Setup
PUNCHH Firewall rules. Confirm that the following FQDN (Fully Qualified Domain Names) endpoints are properly whitelisted in the site's firewall/router
(PUNCHH DOES NOT SUPPORT FIREWALL RULES USING IP ADDRESSES):
NETWORK FIREWALL CONFIGURATION
ALLOW
TCP using port 443
FROM: POS BOH SERVER
TO:
api.punchh.com - Punchh check-in and redemption transactions
pos.punchh.com - Punchh check-in and redemption transactions, Punchh application configuration & update server
isl.punchh.com - Punchh check and barcode details
poslogs.punchh.com - Punchh log file repository (Being Deprecated)
loguploads.punchh.com - New Punchh log file repository
(Optional - For use in the case of assistance by Punchh Support to monitor reliability of site Internet connection)
ALLOW
REPLY ICMP
FROM:
pinger.punchh.com - Punchh zabbix connectivity monitoring server
TO:
Firewall WAN interface
ALLOW
Web Surfing
ALLOW
FROM:
POS BOH File Server
TO:
https://*.punchh.com
SOFTWARE FIREWALL and ANTI-VIRUS AND APPLICATION WHITELISTING CONFIGURATION
ALLOW
Downloads of exe & dll files in ZIP files Authorized:
FROM
https://pos.punchh.com - Punchh application configuration & update server
Verify that the following directories and sub-directories are excluded from AntiVirus, real time scanning on the POS BOH Server and also whitelisted in the software application control for the POS terminals. Files in this folder need to be able to be updated and automatically added to the POS BOH PC application whitelist when updated by our update service.
c:\Program Files\Punchh\*
or
c:\Program Files (x86)\Punchh\*
Application Whitelist Control - Organizational Whitelisting
If your AV/Application whitelisting system provides the ability to approve applications that are cryptographically signed by specific organizations add:
PUNCHH INC (punchh.com)
as a trusted application provider to ensure updates downloaded to the site are not blocked by your Application Whitelist Control system
NETWORK FIREWALL VALIDATION
From the POS BOH PC open a web browser and navigate to the following web pages:
https://isl.punchh.com/ping
https://pos.punchh.com/ping
https://api.punchh.com/ping
https://poslogs.punchh.com/ping
https://loguploads.punchh.com/ping
Each web page should return a plain white page with OK or Healthy. If any page doesn't return either of these messages, the firewall needs to be reviewed to ensure the correct FW rules are in place.