IT Prerequisites

General Information

Integration and connection of TELSCOPE to Ships IT-Infrastructure shall be done in cooperation with and be approved by the ship owners IT-department securing that the Installation complies to IT and Cyber Rules and recommendations.
TELSCOPE can work as a "Single Setup" with one TELSCOPE server or "Dual Setup" with two TELSCOPE servers for certain specific requirements and solutions with  connections to shore. 

Shore Connection

TELSCOPE communicates with a cloud based shore system through an encrypted VPN connection. It exchanges data and receives TELSCOPE and operating system updates.
The relevant IP addresses of the shore system are mentioned below.
The ship's network administrator must be aware of the installation and will usually have to add some firewall rules to allow TELSCOPE to connect to shore and make it available on the ship's network.

Accessing TELSCOPE onboard

TELSCOPE is a web application and needs to be accessible for the users onboard.

TELSCOPE is available through a URL on the form https://[IMO number].telscope.online. For smaller ships without IMO number, the URL will be on the form https://[call sign].telscope.online.
Telko automatically deploys HTTPS certificates in order to encrypt the communication between the servers and the clients.

DNS

Telko will add DNS records for this domain pointing to the local IP addresses of TELSCOPE's server. The DNS service on board needs to  resolve this domain correctly. If public DNS is not available on the ship's network or DNS names resolving to private IP address are blocked, it's the ship's network administrators responsibility to add the DNS name to a local DNS server. In that case, the domain should point to the IP of the server that was registered with the ship's IMO number first during installation on board (server's on-screen setup wizard). We refer to this server as the primary server and it's indicated on the overview page

Outbound firewall requirements

In case where there is any restrictions on outbound network traffic, TELSCOPE
requires outbound access to the following IPs:

  - 15.197.174.180
  - 3.33.182.67
  - 13.48.125.200
  - 13.49.186.44
  - 13.51.16.167

We do not recommend restricting traffic to these IPs by port or protocol as
these are subject to change (with due notice) and there should not be any real
security benefit to further restriction.

In the case where it is strictly required to further limit outbound access, the
port range currently in use by TELSCOPE is TCP and UDP port 820-830. In
addition, we recommend allowing ICMP traffic as it's helpful in diagnosing any
network issues.