threatER Firewall and VPN Settings | threatER Documentation

To ensure your threatER services function correctly, please update your firewall and
VPN settings to allow outbound traffic to the following IPs and domains.

Configuration Requirements

Please ensure that outbound traffic is permitted for all of the following resources:

Resources (IPs/Domains)	Traffic/Protocol/Port Requirements	Products
*.apps.threater.ai	TCP traffic on ports 80 and 443	EnforceDNS Portal
45.39.53.53	UDP traffic on port 53 and TCP traffic on ports 53 and 443	EnforceDNS Resolver IP Address
35.71.179.113	UDP traffic on port 53 and TCP traffic on ports 53 and 443	EnforceDNS Resolver IP Address
dns.anycast.threater.ai	UDP traffic on port 53 and TCP traffic on ports 53 and 443	EnforceDNS Resolver FQDN
protect-updates.apps.threater.ai	TCP traffic on port 443	EnforceDNS Agent Updates
api.threater.ai	TCP traffic on port 443	threatER API Service
portal.threater.com	TCP traffic on port 443	Enforce Portal
rms.threater.com	TCP traffic on port 443	Enforce Portal
support.threater.com	TCP traffic on port 443	threatER Support Portal
ati-files-prod.s3.amazonaws.com	TCP traffic on port 443	Collect Data
s3-w.us-east-1.amazonaws.com	TCP traffic on port 443	Collect Data
s3-1-w.amazonaws.com	TCP traffic on port 443	Collect Data
archive.ubuntu.com	TCP traffic on ports 80 and 443	Ubuntu
changelogs.ubuntu.com	TCP traffic on ports 80 and 443	Ubuntu
esm.ubuntu.com	TCP traffic on ports 80 and 443	Ubuntu
security.ubuntu.com	TCP traffic on ports 80 and 443	Ubuntu
us.archive.ubuntu.com	TCP traffic on ports 80 and 443	Ubuntu

In addition to the above, the following are required if you are using the Enforce software:

Resources (IPs/Domains)	Traffic/Protocol/Port Requirements	Products
52.20.126.79 52.45.212.88 54.85.96.48	TCP traffic on port 443	Enforce Portal
44.198.117.145 52.70.145.122 52.205.79.226	TCP traffic on port 443	Support Portal
91.189.92.22 91.189.92.23 91.189.92.24 91.189.91.81 91.189.91.82 91.189.91.83 185.125.190.81 185.125.190.82 185.125.190.83	TCP traffic on ports 80 and 443	Ubuntu Security
91.189.91.46 91.189.91.47 91.189.91.48 91.189.91.49 185.125.190.17 185.125.190.18 185.125.190.23 185.125.190.24 185.125.190.49 185.125.190.75	TCP traffic on ports 80 and 443	Ubuntu Release

If your organization uses SSL inspection, please ensure these domains and IPs are
included in your allowlist to prevent connection issues.

Additional VPN Settings

GlobalProtect VPN by Palo Alto Networks

In VPN Client Policy, the DNS server control setting Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows only) should NOT be checked.

Confirming the Configurations

After your firewall and VPN settings have been configured, use the Infrastructure Connectivity Test Guide to confirm.