Cablecast Firewall Guide
Introduction
Ensuring network security is critical to protect your organization's digital assets from potential threats. Managing internal and external TCP ports is a key aspect of network security. In this guide, we will focus on CablecastDeviceControl service's specific port requirements and firewall/antivirus exclusion recommendations. Understanding these port configurations is essential for maintaining a secure and efficient network environment.
CablecastDeviceControl and HTTP Ports
CablecastDeviceControl relies on various TCP ports for different HTTP traffic, primarily utilizing HTTP proxying to forward requests to the appropriate services or servers. This approach enables Cablecast to provide essential features such as API Requests, Confidence Thumbnails, Digital File Transfers, File Preview, Trimming and more.
Ports Required For User Interface, VOD, Live Streaming, Internet Channels, and Reflect Access
Cablecast needs relatively few ports opened for standard operation. These fall under two main categories. The first most common are standard TCP HTTP ports 80 and 443 required for standard web traffic. These ports should be ether NAT (Network-Address-Translated or Port Forwarded) to the Host Cablecast server. The Host Cablecast server is the server that is used to access the Cablecast User Interface. The host server will provide access to all video on demand and live streaming content. CDN services like Cablecast Reflect will use ports 80 and 443 to access VOD and Live Stream content to cache it in Cablecast’s Cloud.
Cablecast Servers should never be connected directly to the public internet without some sort of firewall appliance filtering traffic between the public internet and the Cablecast appliance.
The other major category of port forwards required for public access would be for Network Streams that require pushing streams to Cablecast servers. An example of such a network stream would be SRT. Specific guidance can not be given in a general purpose article as requirements for port forwarding and firewall rules will vary on a site by site basis.
| Port | Protocol | Purpose | Notes |
| 80 | TCP | HTTP | When HTTPS is enabled all HTTP traffic is automatically redirected to HTTPS |
| 443 | TCP | HTTPS | for SSL |
| Varies | Varies | Network Streams | Incoming ports for network streams varies as per customer requirements. |
Inter-server communication
Cablecast systems typically are composed of multiple servers where one acts as the host of the user interface, and others acting as secondary video servers, live streaming servers, etc. To perform their standard operations these servers use a variety of ports to communicate internally.
The Cablecast installer automatically makes the necessary changes to the Windows Firewall to allow for normal operation. When using a third party firewall or other network security these channels of communication should remain open for normal operation.
| Port | Machine | Protocol | Purpose | Notes |
| 55001 | All | TCP | HTTP | Internal HTTP server used for file transfers and communications. |
| 56700 | All | TCO | Remoting Service | Cablecast Device Control Remoting Service |
| 57907 | Host Unit | TCP | Cablecast CG Notifications | Allows CablecastCG to signal notifications for bulletin updates. When blocked will fallback to polling reducing updating interval frequency. |
