Depending on your network environment settings, you may need to enable network access to the Cortex XSOAR resources.
To enable access to Cortex XSOAR components, you must allow access to various Palo Alto Networks resources.
Note
Some of the IP addresses required for access are registered in the United States. As a result, some GeoIP databases do not correctly pinpoint the location in which IP addresses are used. All customer data is stored in your deployment region, regardless of the IP address registration, and restricts data transmission through any infrastructure to that region.
Note
Throughout this topic,
refers to the chosen subdomain of your Cortex XSOAR tenant, and <XSOAR-tenant>
is the region in which your tenant is deployed.<region>
For IP address ranges in GCP, refer to the following tables for IP address coverage for your deployment:
https://www.gstatic.com/ipranges/goog.json—Refer to this list to look up and allow access to the IP address ranges subnets.
https://www.gstatic.com/ipranges/cloud.json—Refer to this list to look up and allow access to the IP address ranges associated with your region.
In your firewall configuration, enable access to Cortex XSOAR communication servers, storage buckets, and resources.
FQDN | IP Addresses and Port |
---|---|
Used to connect to the Cortex XSOAR tenant | IP address by region.
Port—443 |
Used for API requests and responses and to connect to the Cortex XSOAR engine | IP address by region.
Port—443 |
Used for EDL (long running integrations) | IP address by region.
Port—443 |
In-App Help Center and Notifications | |
data.pendo.io | Port—443 |
pendo-static-5664029141630976.storage.googleapis.com | Port—443 |
Email Notifications | |
— | IP address for all regions—159.183.150.248 |
Egress Used for communication between Cortex XSOAR and customer resources | |
— | IP address by region.
|
App Login and Authentication | |
| Port—443 |
Required Resources for Federal (United States - Government) FQDN | IP Addresses and Port | App-ID Coverage |
---|---|---|
|
| No App ID coverage |
Used for API requests and responses. |
| No App ID coverage |
App Login and Authentication | ||
| Port: 443 | No App ID coverage |