Operation Manual
Chapter 5 Internet services 50
Apple Push Notication Service (APNs)
Many services rely on Apple Push Notication Service (APNs). APNs is a key part of how Apple
devices learn of updates, MDM policies, and incoming messages. In order for your Apple devices
to work with these services, you need to allow network trac from the device to Apple’s network
(17.0.0.0/8) on port 5223, with a fallback option of port 443.
This trac is a secured, binary protocol specic to APNs, and can’t go through a proxy. Attempts
to inspect the trac or reroute it will result in the client, APNs, and push provider servers marking
the network conversation as compromised and invalid.
There are multiple layers of security applied to APNs at the endpoints and the servers.
To read technical information about these precautions, see Local and Remote Notication
Programming Guide.
100% resize factor