# Network Architecture

![MedCo Network Architecture](https://3291053768-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Lk4c5V-JXuVKRYCJWrb%2F-MT61KQqjOdPi4JaYDWj%2F-MT6RWb7TVNMmAqI6klp%2FNetwork%20Architecture.png?alt=media\&token=275ac5b7-6935-4cd0-b7d6-80d59e72168f)

## External Entities

Entities that need to connect to a machine running MedCo can be categorized as follow:

* **System administrators**: Persons administrating the MedCo node. Likely to remain inside the clinical site internal network.
* **End-users**: Researchers using MedCo to access the shared. Likely to remain inside the clinical site internal network.
* **Other MedCo nodes**: MedCo nodes belonging to other clinical sites of the network.

## Firewall Ports Opening

The following ports should be accessible by the listed entities, which makes IP address white-listing possible:

* Port 22, 5432 (TCP): System Administrators
* Port 80 (TCP): End-Users (HTTP automatic redirect to HTTPS (443))
* Port 443 (TCP): System Administrators, End-Users, Other MedCo Nodes
* Ports 2000-2001 (TCP): Other MedCo Nodes