EMIS Web third party network access advisory

Created by James Harley, Modified on Thu, 10 Nov, 2022 at 10:28 PM by James Harley

This article  details the network requirements required for the deployment and patching of EMIS Web client software connecting to an EMIS N3 facing service.


The article is intended for the use of third party firewall configuration teams.


EMIS Hosting IP Allocations

The following tables contain the N3 IP allocations for EMIS hosted services. EMIS network communication in or out of N3 will originate or be destined to one of the following IP allocations.


Table 1

IP Allocations N3 Facing

Type/Description

10.207.112.0/22

EMIS Backup Datacentre

10.207.116.0/22

EMIS Primary Datacentre

Table 2

IP Allocation Legacy N2

Type/Description

194.189.117.64/26

EMIS Legacy N2 IP Allocation
(NOTE: Legacy N2 allocation. Not used for hosting any service but used in some outbound from EMIS support implementations.

Table 3

IP Allocations Internet Facing

Type

185.13.72.0/22

RIPE Local Internet Registry EMIS allocation

AS60851 EMIS-AS

Internet Hosting of EMIS patching services

149.11.42.48/29

EMIS Cogent Allocation

EMIS Web Mobile Port Requirements

The following table lists the URL’s and the ports for the EMIS Web Mobile application.

Application URL

Port(s)

Protocol

IP Destination Network

openapi.emishealth.com

443

TCP

Table 3

identityservice.emishealth.com

443

TCP

Table 3

enrolmentservice.emishealth.com

443

TCP

Table 3

EMIS Web Client Port Requirements

The following table lists the services and ports required for client and SDS connectivity to an EMIS Web hosted clinical system and its patching components.

Application

Port(s)

Protocol

IP Destination Network

EMIS Web Client Spine Messaging

443

TCP

Table 1

EMIS Web Client/SDS Patching Internet

80, 8080

TCP

Table 1 & Table 3

EMIS Web Client SDS Version Check

33962

TCP

Table 1

EMIS Web Client SDS Patch Hub

33956

TCP

Table 1

EMIS Web Client Patching N3

33963

TCP

Table 1

EMIS Web XMPP Client to Client Messaging

33964

TCPTable 1

EMIS Web Client Data Port

33966

TCPTable 1

EMIS Web Client Email

33969

TCPTable 1

EMIS Web Business Continuity

33972

TCPTable 1

EMIS Web Client S3 Documents

The following table lists the URL and the port for the AWS S3 document service which is required for document upload and retrieval.

Application URL

Port(s)

Protocol

IP Destination Network

ewcd01.emishealth.com

443

TCP

Table 1

EMIS Web Appointment Refresh

The following table lists the URL and the port for the EMIS Web Appointment refresh service.

Application URL

Port(s)

Protocol

IP Destination Network

*.iot.eu-west-2.amazonaws.com

443

TCP

Amazon Web Services

  • Ensure firewalls have been opened for outbound port 443 traffic to*.iot.eu-west-2.amazonaws.com.
  • Ensure your internet proxy is configured to allow users to reach any address ending *.iot.eu-west-2.amazonaws.com.
  • Ensure your DNS services can resolve addresses ending in *.iot.eu-west-2.amazonaws.com.


EMIS Web Client Patching Cloud


The following table lists the URL and the port for the EMIS Web client patching service hosed in Amazon Web Services. This provides another location from which client patches can be downloaded in addition to the services detailed in the IP allocation and client port requirements above.

Application URL

Port(s)

Protocol

IP Destination Network

https://d1c7heevvbqh.cloudfront.net

443

TCP

Amazon Web Services

EMIS-X Assistant

The following table lists the URLs and ports used by the EMIS-X Assistant product that integrates with EMIS Web.

Application URL

Port(s)

Protocol

IP Destination Network

openapi.emishealth.com

443

TCP

Internet facing (Table 3)

identityservice.emishealth.com

443

TCP

Internet facing (Table 3)

https://cdn.jsdelivr.net

443

TCP

Internet facing (Table 3)

https://*.emishealthsolutions.com

443

TCP

Internet facing (Table 3)

https://*.emis-x.uk

443

TCP

Internet facing (Table 3)

https://*.emisgroup.uk

443

TCP

Internet facing (Table 3)

https://*.service-now.com

443

TCP

Internet facing (Table 3)

wss://*.appsync-realtime-api.eu-west-2.amazonaws.com

443

TCP

Internet facing (Table 3)

wss://*.emishealthsolutions.com

443

TCP

Internet facing (Table 3)

wss://*.emis-x.uk

443

TCP

Internet facing (Table 3)

Amazon Web Service IP Allocations

For services hosted in Amazon Web Services, if IP address ranges are required, Amazon document the IP address ranges they use on their website.

Streaming Port Requirements

If you are deploying EMIS streaming technologies to synchronise data from legacy systems such as EMIS PCS you will need the following ports in addition to the table above.


Inbound Service (EMIS - - > Site)

Application

Port(s)

Protocol

IP Source Network

IP Destination Network

Clinical Record Streaming Inbound

33953

TCP

Table 1

Practice Clinical Server

Outbound Service (Site - - > EMIS)

Application

Port(s)

Protocol

Destination Network

Clinical Record Streaming Outbound

33957

TCP

Table 1

Support of EMIS Services

SDS is a local dedicated software deployment system that facilitates a pre-fetch of clinical client patches so clients can effectively patch locally and also provides EMIS Web Patient caching and Business Continuity services.


To be able to support this EMIS request the following access:

Application

Port(s)

Protocol

IP Source Network

IP Destination Network

Microsoft RDP

3389

TCP

Table 1,2

GP Surgery

Virtual Network Computing

5900

TCP

Table 1,2

GP Surgery

Proxy/Cache configuration


EMIS cannot guarantee that all software services will work with all 3rd party web proxies. EMIS recommend that proxy services are configured to exclude the ranges in Table 1 and Table 3.

EMIS Web Client Configuration

The EMIS Web client uses the UDP ports in the table below for a number of client to client real functions, therefore following ports must be allowed on the inbound and outbound on the workstation on your local LAN. For the features listed to work, an EMIS Web spoke would need to be in place to allow this functionality across sites in the case of branch practices.

Application

Port(s)

Protocol

IP Source Networks

Appointment Messaging

8088

UDP

Local site(s)

Appointments LED Board

8089

UDP

Local site(s)

Patient Admin Messaging

8090

UDP

Local site(s)

Care Record Messaging

8091

UDP

Local site(s)

Patient API Messaging

8092

UDP

Local site(s)

UDP Forwarder Service

8221

TCP/IP

Main/Branch sites(s)

 

Page Source

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article