1. HCM Info
  2. Heartland Restaurant
  3. Settings

Networking and Whitelisting of Domains

[[ video.video_data.title || (video.article_name + ' - ' + video.video_id) ]]

Networking and Whitelisting of Domains

Overview

This article provides a list of domains you may need to whitelist, depending on your network firewall configuration. It also includes a network layout of a common two-terminal site, along with a basic Control Scan (optional) template for reference.

About Genius for Restaurants

Genius for Restaurants is a cloud based Restaurant Point of Sale solution. Genius is comprised of several iOS applications including the main POS application, Kiosk application, Customer Display application, Guest application, and a web based portal for setup and menu configuration. The applications use a multitude of languages including Objective-C, Swift, angular, react, PHP and a few others. Genius uses Amazon's AWS services to send, receive, and store data which includes backup and failover services.

Domains to Whitelist

*.heartland.us - This wildcard should cover all the below HRPOS domains:

*.appcenter.ms

*.eloview.com - This wildcard should cover the ELOview MDM urls below:

  • secure-api.eloview.com/prod (ports 443)
  • secure-provisioning.eloview.com/prod (ports 443)
  • secure-broker.eloview.com (ports 443)
  • secure-logs.eloview.com (ports 443)
  • secure-content.eloview.com (ports 443)
  • secure-auth.eloview.com (ports 443)

*.datadoghq.com - This wildcard should cover the two Datadog urls below:

  • logs.datadoghq.com
  • agent-http-intake.logs.datadoghq.com

browser-intake-datadoghq.com

browser-intake-us3-datadoghq.com

2.android.pool.ntp.org (ports 123)

*.gpapis.globalpay.com (ports 443, 8002, 8080, 8081)

The following are for the Como integration:

  • https://api.prod.bcomo.com / 443
  • https://api.prod.como.com / 443
  • https://services.prod.bcomo.com /443
  • https://services.prod.como.com /443
  • https://image-fit-prod.como-services.com /443
  • https://comosense.com /443
  • https://agent.comosense.com /443
  • https://app.prod.bcomo.com /443
  • https://app.prod.como.com /443
  • 34.241.204.208/28 : 443 
  • 13.228.64.144/28 : 443 
  • 34.239.145.112/28 : 443 
  • 34.216.110.112/28 : 443
  • 52.19.89.241/32
  • 52.16.251.183/32
  • 52.215.80.220/32
  • 52.17.90.11/32
  • 35.224.136.189/32
  • 34.72.117.66/32
  • 35.193.162.127/32
  • 34.170.25.224/32
  • 35.224.138.44/32
  • 34.46.72.148/32
  • 34.66.113.165/32
  • 34.171.210.117/32
  • 104.199.78.141/32
  • 130.211.57.2/32
  • 35.222.102.120/32
  • 34.135.53.172/32
  • 34.135.84.52/32
  • 34.123.253.204/32
  • 212.199.63.58/32
  • 161.35.206.194/32

The following is for the Pendo service, which is used to show in-app guidance.

  • app.pendo.io / 443
  • cdn.pendo.io / 443 
  • data.pendo.io / 443
  • portal.pendo.io / 443

*.storage.googleapis.com [ports: 443, 32, 25, 8080, 64, For SSL, enter 465. For TLS, enter 587]

Additional Domains You May Want to Whitelist

amazonaws.com - We use several Amazon services.

cloudfront.net - This is Amazon’s CDN service.

itstgate.com - This is the BridgePay gateway.

monetary.co - This is the Monetary gateway.

 t.broadpos.com  - With a PAX device, this will allow communication to download file configurations.

gpr.globalpaymentsinc.ca - May be used with PAX PATT.

If using EMV, we will provide you a more detailed list, as those terminals speak directly to the processor.

Domains that aren't necessarily required to run our system but can be used for certain functionality.

Apple.com - For obvious reasons. This system runs on iOS, so in order to receive security updates, notifications, etc. this should be open. Below are additional Apple domains:

google.com - Although our application doesn't talk directly with google, we are using some of their maps API in our website. So making setup changes on our admin portal will be loading javascript libraries from google.

Genius Hardware Configuration

mceclip2.png

Genius Control Scan Network Template

Below is the default network scheme that is used with ControlScan for Genius .

It is important to make sure that the old Xenial SSIDs are ‘forgotten’ on all devices that may have it locally saved to prevent conflicts. Below details the template used for Genius locations.

ControlScan Login and Support

Any changes with ControlScan has to go though control scan.

Support number:  (800) 393-3246, option 1

Control Scan Login

https://n134.meraki.com/ES110866-Slaps-B/n/sIJ-ibgc/login/dashboard_login

Control Scan Template

mceclip0.png

SSIDs

HRPOS Payments:  IP Address - 192.168.110.X

HRPOS BackOffice:  IP Address - 192.168.20.X

HRPOS Guest:  IP Address - 10.0.0.0

Port 1 Hardwired iPads IP range:  192.168.10. 2- .15

Port 1 Printers IP range:  192.168.10. 16-.47

Port 2 PAX:  192.168.40. X

Port 1 PAX(Alternate):  192.168.10. .48-.63

Port 3 any Back Office devices:  192.168.20.X

Hardwired Devices

mceclip1.png