Please select:

The following image shows the architecture of panagenda OfficeExpert, including the required port configurations: 




OfficeExpert Virtual Appliance:

Outbound (originating in virtual appliance):

  • HTTPS to Office365 Cloud tenant for data collection (TCP 80/443)
  • HTTPS to Azure Key Vault within customers azure tenant (TCP 443)
  • Internet Repository URLS (docker.panagenda.com, OS security updates) (TCP 80/443)
  • OPTIONAL: HTTPS to Azure Bot Framework Service

Inbound (accessing virtual appliance):

  • HTTP/HTTPS for configuration and reports (TCP 80/443)
  • OPTIONAL:  HTTPS for Azure Bot Framework Service  (TCP 4443 !)  - https://<appliance>:4443/bot/messages

Just allow inbound tcp 4443 to this particular endpoint /bot/messages only!  (via Firewalls, Azure AD Proxy, ...)

Please note that you also have to provide a company-owned SSL certificate for the OfficeExpert ACE Notification Bot.

  • SSH for system configuration and application tuning (TCP 22)
  • VNC for system configuration and IBM Notes client access (TCP 5901)

The following image shows the architecture of panagenda OfficeExpert, including the required port configurations: 




OfficeExpert Virtual Appliance:

Outbound (originating in virtual appliance):

  • HTTP/HTTPS to Office365 Cloud tenant for data collection (TCP 80/443)
  • HTTPS to Azure Key Vault within customers azure tenant (TCP 443)
  • Internet Repository URLS (docker.panagenda.com, OS security updates) (TCP 80/443)
  • Kafka/Zookeeper to Windows Proxy and simulation clients (TCP 29092/ 22181)

Inbound (accessing virtual appliance):

  • HTTP/HTTPS for configuration and reports (TCP 80/443)
  • HTTPS for Azure Bot Framework Service  (TCP 4443 !)  - https://<appliance>:4443/bot/messages

Just allow inbound tcp 4443 to this particular endpoint /bot/messages only!  (via Firewalls, Azure AD Proxy, ...)

Please note that you also have to provide a company-owned SSL certificate for the OfficeExpert ACE Notification Bot.

  • SSH for system configuration and application tuning (TCP 22)
  • VNC for system configuration and IBM Notes client access (TCP 5901)

  • Kafka/Zookeeper from Windows Proxy and simulation clients (TCP 29092/ 22181)


OfficeExpert Windows Proxy

Outbound (originating in Windows Proxy):

  • PowerShell to Active Directory server, Azure Connect server, ADFS server (TCP 5985/ 5986)
  • PowerShell to Cloud tenant (TCP 80/443)


Inbound (accessing Windows Proxy):

  • PowerShell from Active Directory server, Azure Connect server, ADFS server (TCP 5985/ 5986)


OE Simulation Machines (Bots) 1-n

Outbound (originating in simulation client):

  • Kafka/Zookeeper to virtual appliance (TCP 29092/22181)
  • HTTP/HTTPS to Office365 Cloud tenant (TCP 80/443)