Depending on your network environment settings, you may need to enable network access to the Cortex XSOAR resources.
After you receive your account details, in your firewall configuration, enable and verify access to Cortex XSOAR communication servers, storage buckets, and various resources.
Note
Some of the IP addresses required for access are registered in the United States. As a result, some GeoIP databases do not correctly pinpoint the location in which IP addresses are used. All customer data is stored in your deployment region, regardless of the IP address registration, and restricts data transmission through any infrastructure to that region.
For IP address ranges in Google Cloud Platform (GCP), view the following tables for IP address coverage for your deployment:
https://www.gstatic.com/ipranges/goog.json: IP address subnet ranges
https://www.gstatic.com/ipranges/cloud.json: IP address ranges associated with your region
In your firewall configuration, enable the following resources:
FQDN | Description |
---|---|
<xsoar-tenant>.crtx.<region>.paloaltonetworks.com | Used to connect to Palo Alto Networks. For the relevant region and IP address, see the IP Address to connect to Cortex XSOAR column below. For example, if the region is US, use the 35.244.250.18 IP address. |
api-<xsoar-tenant>.crtx.<region>.paloaltonetworks.com | Used for API requests and responses and to connect to an engine. For the relevant region and IP address, see the API/EDL IP Address column below. For example, if the region is US, use the 35.222.81.194 IP address. |
ext-<xsoar-tenant>.crtx.<region>.paloaltonetworks.com | Used for EDL (long-running integrations). For the relevant region and IP address, see the API/EDL IP Address column below. For example, if the region is US, use the 35.222.81.194 IP address. |
Note
<xsoar-tenant> refers to the chosen subdomain of your Cortex XSOAR tenant, and <region> is the region in which your tenant is deployed.
The port is 443.
Egress is used for communication between Cortex XSOAR and customer resources. For the relevant region and IP address, see the Egress IP Address column below. For example, if the region is US, use 35.225.156.101 and 34.69.88.119.
Region | IP Address to connect to Cortex XSOAR | API/EDL IP Address | Egress IP Address |
---|---|---|---|
AU (Australia) | 34.120.229.65 | 35.189.18.208 |
|
CA (Canada) | 34.120.31.199 | 35.203.82.121 |
|
CH (Switzerland) | 34.111.6.153 | 34.65.248.119 |
|
DE (Germany) | 34.98.68.183 | 34.107.57.23 |
|
ES (Spain) | 34.111.188.248 | 34.175.30.176 |
|
EU (Europe) | 35.227.237.180 | 34.90.67.58 |
|
FA (France) | 34.111.134.57 | 34.155.222.152 |
|
ID (Indonesia) | 34.111.58.152 | 34.128.115.238 |
|
IL (Israel) | 34.111.129.144 | 34.165.156.139 |
|
IN (India) | 35.186.207.80 | 35.200.158.164 |
|
JP (Japan) | 35.241.28.254 | 34.84.125.129 |
|
PL (Poland) | 34.117.240.208 | 34.116.216.55 |
|
QT (Qatar) | 35.190.0.180 | 34.18.46.240 |
|
SA (Saudi Arabia) | 35.244.157.127 | 34.166.58.79 |
|
SG (Singapore) | 34.117.211.129 | 34.87.83.144 |
|
TW (Taiwan) | 34.160.28.41 | 35.234.8.249 |
|
UK (United Kingdom) | 34.120.87.77 | 34.89.56.78 |
|
US (United States) | 35.244.250.18 | 35.222.81.194 |
|
In-app Help Center and notifications
FQDN | IP Addresses and Port |
---|---|
data.pendo.io | Port: 443 |
pendo-static-5664029141630976.storage.googleapis.com | Port: 443 |
Email notifications
IP address for all regions: 159.183.150.248
App login and authentication
FQDN | IP address and port |
---|---|
https://sso.paloaltonetworks.com | Port: 443 |
Required Resources for Federal (United States - Government)
FQDN | IP Addresses and Port |
---|---|
|
|
Used for API requests and responses. |
|
App Login and Authentication | |
| Port: 443 |