Overview

If your environment uses a firewall to manage network traffic, you may need to implement an exception for ALL applicable entries. To ensure uninterrupted access to Silo, please configure your firewall settings to allow traffic to/from specific IP addresses associated with our service. 

 

IP Addresses to Allowlist

Please allow traffic from the follow IP addresses to ensure access to the Silo web isolation platform:

 

92.119.244.0 /24184.95.48.17823.235.225.17834.135.3.21635.246.2.137
92.119.245.0 /24184.95.48.20223.235.226.9035.185.254.17935.246.47.160
104.155.106.249194.32.244.234.147.167.22235.231.117.22352.194.236.12
104.155.196.156194.32.244.334.147.188.3235.231.137.11913.239.146.29
104.155.196.214194.32.245.234.64.234.3866.85.157.1213.54.16.216
104.196.45.238194.32.245.334.64.32.17666.85.157.13130.211.64.174
104.196.50.57194.32.247.234.82.129.18234.120.76.49130.211.176.14
104.198.102.199194.32.247.334.84.170.6434.133.167.2103.112.51.89
104.198.108.190198.24.179.234.84.170.65104.154.39.24734.105.243.100
104.199.158.183198.24.179.334.84.175.24135.192.140.034.105.243.101
104.199.169.130198.24.179.2034.84.58.1335.192.87.85119.81.23.186
66.85.157.14




Note: As with all cloud-based software, our global infrastructure is regularly maintained and updated. As such, this list is subject to change. For organizations that apply strict firewall configurations, we recommend that you regularly check this page for updates to this IP address list.


Domain Names

In addition to making any necessary firewall updates that facilitate IP-based network traffic, we recommend that the following domain names be broadly added to your Allow List using a wildcard entry as shown in the following examples:

*.authentic8.com

*.a8silo.com

*.getsilo.com

extapi.authentic8.com 

 

Connection Type

Silo uses a TLS connection over port 443 (HTTPS) with the Web Client, while the Installed Client uses a custom network protocol over port 443. The web client also requires secure Web Socket (WSS) to be enabled.


We recommend creating a full exception in order to prevent connection issues with various Silo client types.

 

SSL Inspection

For customers who use Authentic8's installed Silo Windows Client, we recommend that you use the latest version. For usage of Silo Windows Client v2.9.12 and older, SSL inspection (e.g., SPI/DPI) must be disabled for Silo connections. For usage of Silo Windows Client v2.9.13 and newer, refer to this article: Server Certificate Validation

 

Frequently Asked Questions:

Q: Why do I need to provision these IP addresses into the Network Allow List?

A: Allowing traffic from these specific IP addresses ensures a secure and reliable connection between your system and Silo, preventing interruptions in service and enhancing overall performance.


Q: How often does the IP address list change?

A: While changes are infrequent, we recommend that you check for updates periodically, especially before implementing any significant firewall rule changes. Generally, Authentic8 strives to update this support article at least 30-days prior to the inclusion of any new IP addresses in its public-facing infrastructure.


Q: What happens if I don't add these IP addresses to the Network Allow List?

A: Failure to provision these IP addresses may result in connectivity issues and interruptions in accessing Silo. To avoid any service disruptions, it is crucial to keep your firewall settings up to date


Additional Notes  

Please contact Support if you have any additional questions and/or require further information.