Overview
As part of ongoing improvements to our platform, we are introducing Microsoft Azure Front Door alongside additional regional infrastructure.
This enhancement is designed to improve service reliability, performance, and scalability, helping ensure a faster and more resilient experience for all customers.
The change will be implemented through a DNS update only. There will be no changes to existing service URLs.
Once completed, customer traffic will be securely routed through Azure Front Door before reaching the application layer.
Do I Need to Take Action?
You only need to take action before 30 May 2026 if your organisation:
- Restricts outbound traffic using IP allowlists rather than domain names
- Uses local DNS caching on your network
- Uses your own SMTP server with IP-based allowlisting for inbound email from Bromcom
If none of the above apply, no action is required.
Action Required: SMTP Allow listing
If you operate your own SMTP server, you must allow the following IP address to avoid disruption to email delivery from the MIS:
51.141.116.195
Without this change, outbound emails from Bromcom (including reports, notifications, and parent communications) may fail to deliver.
Action Required: Firewall / IP Allow listing
Following the update, your systems will connect via Azure Front Door endpoints instead of our current infrastructure.
If you allow outbound access by domain name (FQDN)
No action is required. This remains the recommended approach from both Microsoft and Bromcom.
If you allow outbound access by IP address
You will need to permit Azure Front Door’s published IP ranges, or use the AzureFrontDoor.Frontend service tag where supported.
As Azure Front Door IP ranges can change regularly, domain-based allowlisting is strongly recommended.
Reference information:
- Microsoft Azure IP ranges: https://www.microsoft.com/en-us/download/details.aspx?id=56519
- Azure Front Door origin security: https://learn.microsoft.com/en-us/azure/frontdoor/origin-security
Action Required: DNS Caching
As this change is being delivered via DNS updates, organisations using local DNS caching should:
- Ensure systems respect DNS TTL values
- Refresh cached DNS entries during the change window if connectivity issues occur
Testing Your Configuration
You can validate your setup now using the following endpoint: https://cloudmis.bromcomcloud.com
This connects to the live MIS environment for connectivity testing only.
Please note:
- It is not a separate test system
- It should not be used for day-to-day access
A successful connection confirms your firewall, proxy, and DNS settings are ready for the change.
What to Expect on the Night
- Change start time: 01:00, Saturday 30 May 2026
- Expected user impact: None
We will actively monitor the platform throughout the change window and confirm completion via our status page.
Should any unexpected issues arise, a rollback plan is in place.
Support
If you have any questions about this change, our Support Team will be happy to help explain what is involved.
Please note that Bromcom is unable to make firewall, DNS, or SMTP configuration changes on your behalf. Any required updates will need to be completed by your internal IT team or third-party provider.