Here's a brief summary of some frequently asked questions around network requirements, including some security considerations, in relation to Blocks itself as well as other subsystems sometimes used with Blocks.

Blocks typically run over regular Ethernet networks (or wifi, if required). It uses industry standard IP protocols (UDP and TCP). Most traffic is of "web browser" type, with the exception being more exotic optional devices, such as MODBUS, ArtNET, WATCHOUT, etc.

Some devices or functions use UDP broadcasts. E.g., wake-on-lan used by PIXILAB Player, some smart displays and Dataton WATCHOUT as well as ArtNET, or multicast (Dataton WATCHOUT). If used, such features must be allowed on the network for those functions to work properly.

Yes, DHCP is recommended to avoid having to hard-code IP addresses for each device. To use bring-your-own devices, a local DNS is useful to avoid having to enter the IP address of the Blocks server in the browser. Alternatively, make your Blocks server accessible from the Internet, and use a regular, external DNS name.

Yes, you can use separate DHCP and DNS, if desired. There's nothing special with those included in our Linux server image. Any DHCP and DNS will do, assuming they are properly configured.

Bandwidth requirements depend on the maximum number of simultaneous clients to be expected as well as the maximum bitrate of your content. Just multiply those for a ballpark figure for what bandwidth is needed, then factor in some reasonable overhead, such as 2x. If you want to have good headroom, you can run a 10 gigabit trunk from the server to the first switch switch, then gigabit from that switch downstream to sub-switches (if any) and players.

For basic functionality of our Linux based server, only standard web browser ports are required. For HTTP that means port 80. If you need HTTPS (requires SSL certificate and a domain name), then port 443 will be required. Other functions (such wake-on-LAN) are optional. If you do need this to power up players, smart screens or other devices, the network must allow for wake-on-LAN "magic packets" broadcasts. Network (PXE) booting of PIXILAB Player uses the standard TFTP protocol, requiring use of UDP on port 69 plus additional ephemeral ports. This is an optional feature, which can be avoided by booting from USB or other local storage instead.

Yes. Learn more about how to enable and use HTTPS here. Keep in mind that this encryption applies only to client-to-server communication. Some other (optional) protocols supported by Blocks, such as ArtNET and MODBUS, does not support encrypted connections. Hence, to make sure such connections (if used) can not be accessed by unauthorized visitors, you're strongly advised to segment your network into a visitor subnet – used only for encrypted connections – and a control subnet used for such unencrypted data.

Yes. Learn more about how to configure various SSO-providers here:

• ADFS.
• OKTA
• Keycloak

We're including Anydesk, an excellent 3rd party remote management program, on our Linux server image. By default, Anydesk is disabled. It can be enabled on demand or on server start (e.g., for unattended access). If you want to use Anydesk, find its port requirements and other details under "Which ports does AnyDesk use?" here: https://support.anydesk.com/FAQ