# Network Security Policies

## Introduction

This document outlines the network security policies for HTTPS inbound and outbound traffic for the DialoX platform, operated by Enreach B.V. It includes details on Transport Layer Security (TLS) standards, traffic routing via Google Cloud Load Balancer, and specific IP addresses and ports required for customer firewall configuration.

## HTTPS Security Policies

#### TLS Security Standards

DialoX enforces secure communication using the latest TLS standards to ensure data integrity and confidentiality. The following security measures are implemented:

* **TLS Version**: TLS 1.2 and TLS 1.3 are enforced, with TLS 1.3 preferred where supported.
* **Cipher Suites**: Only strong cipher suites are enabled, such as:
  * TLS\_AES\_256\_GCM\_SHA384
  * TLS\_CHACHA20\_POLY1305\_SHA256
  * TLS\_ECDHE\_RSA\_WITH\_AES\_256\_GCM\_SHA384
* **HSTS** (HTTP Strict Transport Security): Enforced to prevent protocol downgrade attacks.
* **OCSP Stapling**: Enabled to improve SSL/TLS certificate validation.

## Google Cloud Load Balancer Integration

Google Cloud Load Balancer is utilized to manage inbound HTTPS requests securely. It supports automatic certificate renewal, DDoS protection, and global distribution for optimal performance and security.

## Inbound and Outbound Traffic Requirements

Customers with strict firewall policies require specific port and protocol configurations for seamless integration with DialoX services. Below is a detailed list of the IP addresses, ports, and protocols used.

### Inbound Traffic (From Customers to DialoX)

| Destination IP | Domain Names                                          | Ports | Protocol            |
| -------------- | ----------------------------------------------------- | ----- | ------------------- |
| 35.241.27.155  | <p>inbox.dialox.ai<br>studio.dialox.ai<br>bsqd.me</p> | 443   | HTTPS (TLS 1.2/1.3) |

### Outbound Traffic (From DialoX to Customer Systems)

| Source IP     | Ports | Protocol            |
| ------------- | ----- | ------------------- |
| 34.91.172.214 | 443   | HTTPS (TLS 1.2/1.3) |

Customers should configure their firewalls to allow traffic to and from these IP addresses to ensure seamless communication with DialoX services.

## Conclusion

By adhering to the latest security standards and leveraging Google Cloud Load Balancer, Enreach B.V. ensures a secure and robust network architecture for DialoX. Customers with strict firewall policies should whitelist the specified IP addresses and ports to avoid disruptions in service.

## Metadata

·      Date: February 7, 2025

·      Publisher: Arjan Scherpenisse

·      Company: Enreach B.V.

·      Revision: 1.0

&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://manuals.dialox.ai/advanced-topics/platform/network-security-policies.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.