Network Communication Used by Jamf Protect

The Jamf Protect agent uses the following network communication protocols:

  • All network communication is transmitted over TCP port 443 on computers. On computers with macOS 10.13.4 or earlier, port 8883 is used.

  • If your environment uses transparent or explicit TCP proxies, you can enable WebSockets to secure communication via WebSocket communication protocol.

  • Depending on the region your Jamf Protect tenant is located in, the Jamf Protect agent communicates with different AWS domains.

Note:

HTTPS Interception (SSL Inspection) is not supported for connections to Jamf Protect. If client HTTPS traffic traverses a web proxy, you must disable HTTPS Interception for connections to Jamf Protect

Network Communication by Region

The following tables list which domains and ports are used by Jamf Protect in each AWS region.

US-East-1

Domain

Port

Protocol

Description

a3bwx220ks5p1x-ats.iot.us-east-1.amazonaws.com

443 or

8883 (macOS 10.13.4 or earlier)

TCP

Used for primary communication with the Jamf Protect agent.

shared-jamf-jpt-generic-packages.s3.amazonaws.com

443

TCP

Used to automatically send Jamf Protect agent updates to computers.

prod-use1-jamf-jpt-configs.s3.amazonaws.com

443

TCP

Used to send configuration updates to computers.

EU-West-2

Domain

Port

Protocol

Description

a3bwx220ks5p1x-ats.iot.eu-west-2.amazonaws.com

443 or

8883 (macOS 10.13.4 or earlier)

TCP

Used for primary communication with the Jamf Protect agent.

shared-jamf-jpt-generic-packages.s3.amazonaws.com

443

TCP

Used to automatically send Jamf Protect agent updates to computers.

prod-euw2-jamf-jpt-configs.s3.amazonaws.com

443

TCP

Used to send configuration updates to computers.

EU-Central-1

Domain

Port

Protocol

Description

a3bwx220ks5p1x-ats.iot.eu-central-1.amazonaws.com

443 or

8883 (macOS 10.13.4 or earlier

TCP

Used for primary communication with the Jamf Protect agent.

shared-jamf-jpt-generic-packages.s3.amazonaws.com

443

TCP

Used to automatically send Jamf Protect agent updates to computers.

prod-euc1-jamf-jpt-configs.s3.amazonaws.com

443

TCP

Used to send configuration updates to computers.

AP-Northeast-1

Domain

Port

Protocol

Description

a3bwx220ks5p1x-ats.iot.ap-northeast-1.amazonaws.com

443 or

8883 (macOS 10.13.4 or earlier

TCP

Used for primary communication with the Jamf Protect agent.

shared-jamf-jpt-generic-packages.s3.amazonaws.com

443

TCP

Used to automatically send Jamf Protect agent updates to computers.

prod-apne1-jamf-jpt-configs.s3.amazonaws.com

443

TCP

Used to send configuration updates to computers.

AP-Southeast-2

Domain

Port

Protocol

Description

a3bwx220ks5p1x-ats.iot.ap-southeast-2.amazonaws.com

443 or

8883 (macOS 10.13.4 or earlier)

TCP

Used for primary communication with the Jamf Protect agent.

shared-jamf-jpt-generic-packages.s3.amazonaws.com

443

TCP

Used to automatically send Jamf Protect agent updates to computers.

prod-apse2-jamf-jpt-configs.s3.amazonaws.com

443

TCP

Used to send configuration updates to computers.

For related information, see the following articles from Apple's support website for additional ports that must be safelisted: