Genesys Cloud Edge network communications

Genesys Cloud Edge provides the following security features regarding networking:

  • Genesys Cloud Edge communicates with only a single proxy service in AWS. This proxy service is the secure front end to Genesys Cloud.

  • All communications use MTLS HTTPS, which provides client authentication.

  • All connections to Genesys Cloud are initiated by the Genesys Cloud Edge device, which eliminates the need to modify your firewall to add static routes or expose the Genesys Cloud Edge device directly on the Internet.

  • Genesys Cloud Edge trusts only the Genesys Cloud Root CA certificate. For any command and control, and event channels, Genesys Cloud Edge trusts only Genesys Cloud. Communications to third-party entities, such as SIP carriers, custom VoiceXML documents, and other Genesys Cloud services are not classified as command and control, and event channels, and do not have the same equivalent restrictions.

For more information, see Ports and services to configure on your company firewall.

Genesys Cloud Edge uses the following network protocols:

Protocol Purpose
MTLS Communications with Genesys Cloud services (control channel)
  • SIP/TLS with digest authentication
  • MTLS

Interaction signaling


The selection of signaling protocol used depends on devices and carrier support/configuration.

SRTP Encryption of media streams