Configuration requirements for connections to IBM Support Insights
TSA connects to IBM® Support Insights through a direct connection or a user-supplied proxy that you must configure to allow communication with IBM. If you are using a proxy, TLS/SSL inspection is not supported. Any requests through a proxy must be allowed to flow directly to IBM without TLS/SSL termination.
Ensure that your firewall allows connections to the IBM server hostname and IP
addresses as explained in the Network
connections table. If your network does not allow access to the IBM servers, TSA transactions
to IBM Support Insights fails.
| DNS name | IP address | Port | Protocol |
|---|---|---|---|
| esupport.ibm.com | 192.148.6.11 | 443 | HTTPS (to IBM) |
Note: It is recommended to use the DNS name esupport.ibm.com, rather than the IP address, in case this IP
address changes in the future.
The IBM server environment is fully NIST SP800-131A compliant.
It supports TLS 1.3 protocol, SHA-256 or stronger hashing functions, and at least 2048-bit strength
RSA keys.Note: SSL inspection is not supported, if you are using the SSL inspection on the proxy, disable it
for these flows.
For Blue Coat proxies, disable "protocol detection" to IBM servers. Add these configuration
rules:
- url.domain=esupport.ibm.com detect_protocol (none)
- url.address=192.148.6.11 detect_protocol (none)