Security Information


Personal Firewall/Internet Security

Personal Firewall software will need to be configured to ensure that connection to IRESSTrader is successful. Firewall is a protective boundary that monitors and restricts information that travels between your computer and a network or the internet. Please ensure system network or personal firewall are set to allow site- "*.iress.com.au" and port 6080 or 80.

Additional information as follows:

Network IP Address

  • Melbourne: 203.32.184.0/255.255.255.0
  • Sydney: 203.32.185.0/255.255.255.0

It is recommended to use "Networks" instead of "Hosts" in configuration of firewall rules.

Open a port through Windows Firewall

  • Name: IRESSTrader
  • Remote Port number: 6080>
  • TCP

DNS

  • PDS: research.iress.com.au
  • Data Feed: webdf.iress.com.au
  • Web server: web.iress.com.au

The main purpose of various internet security tools is to help protect computers against viruses and other security threats. IRESSTrader users may install different brands of software, but the configurations are all based on the same concept. That is, to go to the internet security software configuration/options and configure IRESSTrader as a Trusted Zone/Site/Allow Cookies/Privacy/Security. To find out how to configure the installed internet security tools, please consult the documentation or service provided by the third party program.

Firewall and Network Configuration

The client software will attempt to initiate a direct socket connection to port 6080 on the Data Feed server. When a direct connection is unavailable, a lower quality connection will be established via port 80 using the HTTP protocol. This connection will work via the same proxy used to retrieve web pages for the browser.

The direct connection via port 6080 is the recommended connection type for the most efficient operation of the product.  Four conditions are necessary to use this product from behind a corporate firewall using port 6080:

  • The firewall must allow the users to establish an outbound TCP connection to the Data Feed server(s) on port 6080. All communications to the data is accomplished via this single connection, and can only be established from inside the firewall. Data Feed servers never initiate the connection to the desktop.

  • The firewall must be capable of operating in a "transparent" mode; i.e., it must look like a router to the network even if it is an application proxy type of firewall. Some, but not all proxy-based firewalls can be configured to operate in the required manner.

  • The users' network must be configured to route packets addressed to non-local networks through their Internet firewall. To accomodate the connection to a remote server the local LAN must be ready to handle traffic addressed to non-local hosts. A "default route" may or may not be currently configured on a corporate LAN where a proxy-based firewall is used.

  • The opening of a specified port on a firewall to initiate outward bound connection to a remote server does not pose a security threat to the local intranet/WAN. Special dispensation should be only provided to the server "WEBDF.IRESS.COM.AU", ie the ability to connect to port 6080 on that address. No inward bound connection can be instantiated by a remote address. This works in much the same manner a port 80 on a proxy server.

With either connection (port 6080 or HTTP port 80), the firewall being used must not remove Java applet tags from incoming HTML. Some firewalls can be configured to strip Java applet tags from incoming pages. This product cannot work through such a firewall unless special dispensation is given to HTML from the source server (WEB.IRESS.COM.AU).