We that our customers need to be confident that they are communicating with nBold in a secure environment. This document outlines the key aspects of our network security.
All the traffic from and to the nBold platform is encrypted (and HTTPS protocol enforced), using TLS v1.2, ensuring secure communication between our customers and our platform. To do so, we’re using Azure Front Door as the only entry point to the app (web apps and API).
You can review online our latest Certificate Report
You can see a detailed report of our SSL certificate using this free online service that performs a deep analysis of the configuration of our SSL:
Launch Qualys SSL Server Test
While we've prevented rogue traffic from accessing our servers and network, it’s still possible for external services to block anyone else from using our service by creating a distributed, denial-of-service attack.
To prevent this, we're using Azure Traffic Manager as a first level of protection.
Learn more about Azure Traffic Manager
Domains allow list is one of the most effective methods of ensuring this and prevents any internet traffic intended for nBold from being hijacked or rerouted to a rogue website.
Our complete portfolio of domains is outlined below to help our customers configure their corporate network security components.
This information is subject to change and we recommend that you check back quarterly for the addition of new domains.
nBold App and API
- Domains/Hosts: *.salestim.io
- Justification/Purpose: nBold main web application for Microsoft Teams
- Domains/Hosts: *.nbold.co
- Justification/Purpose: nBold documentation embedded into the Microsoft Teams app
Microsoft Azure Application Insight
- Justification/Purpose: Azure service used by nBold to collect anonymous performance metrics, telemetry and application logs/traces. More infos
Microsoft Azure Blob Storage
- Domains/Hosts: stappsaprd.blob.core.windows.net
- Justification/Purpose: Storage used by nBold to store templates pictures/icons
Microsoft Graph API
- Domains/Hosts: graph.microsoft.com
- Justification/Purpose: API used by nBold to interact with Microsoft 365 services
- Justification/Purpose: Used by nBold to bring an embedded support system into the app, and connect end-users and administrators with our support team.
IP ranges allow list
IP ranges allow list is one of the most effective methods of ensuring this and prevents any internet traffic intended for nBold from being hijacked or rerouted to a rogue website.
Our public app and API services are exposed and protected by Microsoft Azure Front Door. Therefore our public IP ranges are publicly documented by Microsoft.
This information is subject to change and we recommend that you check back quarterly for the addition or update of IP ranges.
To retrieve them:
- Download the Azure IP Ranges and Service Tags
- Locate the
- Get IP ranges from the
You can also automate the extraction of these IP ranges, using one of these three options.
Automate via REST interface
Automate via Powershell
Get-AzNetworkServiceTag -Location <String>
Automate via az cli
az network list-service-tags --location [--subscription]