beginning of content:

Determining Required Bandwidth

Bandwidth is the measure of a network’s capacity or utilization, usually measured in terms of bits per second.

The average estimated bandwidth used by the CB Secure Browser is shared in the table below. Your network design for digital testing should have enough available bandwidth to support these values.

The specifications on this page apply to the 2018-19 school year.

Average Estimated Bandwidth Used

Students Testing Concurrently During Testing During Subsequent Startup
1 5–15K bits/second 8K bits/second
50 250–750K bits/second
(0.25–0.75M bits/second)
400K bits/second
100 500–1500K bits/second
(0.5–1.5M bits/second)
800K bits/second

Bandwidth Note

Bandwidth consumed by opening the secure browser and accessing a test for the first time is significantly more than when it is opened and accessed again because a lot of non-test content must be cached when the CB Secure Browser is first accessed.

Whitelisting URLs for the TA and Student Testing Sites

Use a wildcard to whitelist these URLs at the root level because testing servers and satellites may be changed during the school year:

  • *
  • *
  • *
  • *

Wireless Networking

The table below lists network topology recommendations.

Recommended Ratios of Devices to Wireless Access Points

Testing Device Ratio of Devices to 802.11g WAP Ratio of Devices to 802.11n WAP
802.11g 20 40
802.11n 20 40
Mix of 802.11g and 802.11n 20 40-50*
802.11ac Under investigation Under investigation

*Depends on the mix of wireless cards

Required Ports and Protocols

The table below lists the ports and protocols used by the test delivery system. Ensure that all necessary content filters, firewalls, and proxy servers are open.

Ports and Protocols for Test Delivery System

Port/Protocol Purpose
80/TCP HTTP (initial connection only)
443/TCP HTTPS (secure connection)

Configuring for Certificate Revocations

AIR's servers present certificates to the clients. To check those certificates for revocation, use a certificate revocation list or an online certificate status protocol.

Certificate Revocation List

To use a certificate revocation list, your firewalls must allow this URL:

Online Certificate Status Protocol (OCSP)

To use the OCSP, your firewalls must allow the domain names listed below. These patterned URLs are preferred because they are more robust:

  • *
  • *
  • *

If necessary, you can use fully qualified URLs instead:


More Help