The appliance is designed to be installed within your own security perimeter. It has its own firewall installed to only allow ingress to ports that are required for its management, monitoring and Speech APIs.


The appliance uses a microservices architecture running on a customized Ubuntu machine. AppArmor default security policies are used to protect the OS and running applications on the appliance.

Data on the appliance (including audio and video data that is submitted via the Speech API, logs, and output transcripts) are encrypted on disk.

Ports and Protocols

There are several firewall rules that may need to be enabled to ensure the communication can be made to the virtual appliance. If you setup HTTPS as described in the 'SSL Configuration' section of these docs then you only need to expose port 443.

8080/TCPUsed for the Management API to manage the virtual appliance
3000/TCPMonitoring (Glances)
8082/TCPREST Speech API for batch ASR
9000/TCPWebsocket Speech API for real-time ASR
443/TCPUsed for HTTPS communication with all of the above services