Description:
This solution answers a some of the questions regarding how the WolfBox operates on a network and addresses some of the security questions associated with any network-enabled device.
Process:
1) Which specific ports will need to be opened through our firewall to allow communication to the WolfBox from the web?
Port 443. The WolfBox uses WSS, which protects network traffic using TLS, to communicate with the AstroPrint servers. This is the same port used by HTTPS, so the firewall should already be open for this port under typical circumstances. In order to locate the WolfBoxes easily, the network should also support multicast DNS (mDNS for Windows and Bonjour for Mac).
2) What security protocols are in place on the WolfBox? How are updates handled on the device?
The device uses SSL protocol to communicate with the outside network. All traffic brought in and sent out of the network is encrypted. Traffic within the network is not encrypted. We will be adding password protection to the WolfBox in the future, but currently it is open within the local network once the user knows its IP. Access to the files stored on the Cloud is protected by username/password of the user's AstroPrint account, local files on the WolfBox are available to everyone on the local network. Updates are frequently released. Currently, users need to manually check if one is available by going to the side menu and clicking Settings, then going to Update, and finally check for Updates. In the future, the WolfBox will let users know when an update is available.
3) Are there any default passwords on the WolfBox which will need to be modified?
Not now. In a future release, a device password will be introduced and this will need to be modified (or disabled) during the setup process.
4) Does the WolfBox need a static IP address?
No. It would use the DHCP server provided by the network it is wirelessly connected to (or plugged in to with an Ethernet cable). You can usually set up a static route for the WolfBox in your router's configuration. This will require the MAC address of the WolfBox, which can usually be found on your router's connected devices page once it is connected.
5) Does/can the WolfBox initiate an internet connection to the AstroPrint servers, either under the control of a logged on user or remotely without the user logged on?
As long as a user is logged in and internet is reachable, the WolfBox will try to connect to the server on bootup. It will also retry a few times if connection is lost. If the user is logged out, no connection is established.
6) Can the WolfBox be remotely controlled by the AstroPrint server software, other than when a gcode file is being sent to the printer?
Users can monitor print progress, take pictures (if camera is attached), tweak temperatures, pause, or cancel the print. Currently, all other controls must be done from within the local network. In upcoming releases, users will be able to control the printer remotely over the internet, including starting prints once the bed is confirmed clear.
7) Are there required background software downloads that are remotely scheduled or initiated either by the WolfBox or the AstroPrint servers, either associated with a print or other maintenance/housekeeping functions, that are not initiated by a logged on user?
All actions are initiated by users (including software upgrades). Only keeping the connection open to AstroPrint servers is done automatically, and only when a user is logged into the box.
Please open a Tech Ticket if you have any questions.