iTimekeep Connect requires an outbound connection from the computer it is installed on.
Note: This information only applies if your firewall prevents outbound traffic.
If your firewall prevents outbound traffic, you will have to allow certain outbound connections from iTimekeep Connect to work:
| Rule | Port | Protocol | Direction |
| Allow | 80, 443 | HTTP(s) | Outbound |
| Allow | 9350-9355 | TCP | Outbound |
| Allow | 5671 | TCP | Outbound |
These rules need to be allowed for the computer iTimekeep Connect is installed on.
Note:It is recommended you avoid setting additional instructions as you may experience intermittent service downtime.
It is suggested that your firm does not restrict by domain name, but if your infrastructure requires it to be done, the following table is a list of domains that are currently required to be accessible from the computer where iTimekeep Connect is installed:
| Domain | Owner | Notes |
| *.aderant.com | Aderant | |
| *.aderant.co.uk | Aderant | International Only |
| *.aderant.eu | Aderant | International Only |
| *.aderant.com.au | Aderant | International Only |
| *.aderant.ca | Aderant | International Only |
| *.bellefieldcloud.com | Aderant | |
| *.bellefield.com | Aderant | |
| *.servicebus.windows.net | Microsoft | Infrastructure |
| *.servicebus.windows.net | Microsoft | Infrastructure |
| *.accesscontrol.windows.net | Microsoft | Infrastructure |
| mscrl.microsoft.com | Microsoft | Used for SSL Validation |
| crl.microsoft.com | Microsoft | Used for SSL Validation |
| cdpl.public-trust.com | Verizon (cybertrust.com) | Used for SSL Validation |
Advanced Options (Strongly Discouraged)
Be aware that the more restrictions you place on the machine running iTimekeep Connect, the more likely it is that you will experience intermittent connectivity issues. The following are additional notes regarding further restrictions. Neither of these approaches are recommended:
Restricting by Domain Name
When restricting outbound connections by domain name, try the following if your firm is unable to use wildcard (*):
- services.bellefield.com (North America only)
- itimekeep.aderant.com
- itimekeep.aderant.co.uk (United Kingdom)
- itimekeep.aderant.au (Australia)
- itimekeep.aderant.eu (Europe)
- itimekeep.aderant.ca (Canada)
- bellefield.com
Restricting by IP Address
If your infrastructure requires restricting by IP address, resolve the domains listed above and use their corresponding IP addresses in your firm’s firewall rules. Be aware of the following:
- It cannot be guaranteed that our IP addresses will remain static.
- Aderant recommends domain name-based restriction policies due to the dynamic nature of our cloud deployments. Service names will stay consistent, but the IPs behind the names may not.
- Global distribution means that any of these domains may resolve to a different IP address from a different part of the world and at different times due to traffic and load patterns.