===Firewall===
'''Required:'''
* Open inbound ports 80 (HTTP), and 443 (HTTPS) to all sources.
* Open inbound port 22 (SSH) to several static IPs from SmartSimple office locations to allow administrative access for SmartSimple staff.
'''Recommended:'''
* Drop all other inbound connections.
'''Required:'''
* Open outbound ports 80 (HTTP), and 443 (HTTPS) to all sources.
* Open outbound port 22 (SSH) to all sources.
* Open outbound port 123 (NTP) to all sources.
* Open outbound port 587 (SMTP) to all sources.
* Open outbound port 8009 (AJP) or other equivalent may be required from the web to the application environment in the case that these are separate environments.
* Open outbound port 3306 (JDBC) may be required from the application to the database environment in the case that these are separate environments.
'''Recommended:'''
* Open outbound traffic to all sources.
===Domain Administration===