This document provides endpoint information needed to allow Silo connections from behind a firewall. If your environment utilizes a firewall to manage network traffic, you may need to implement an exception for ALL applicable entries.



Domain Names

Domain names can be broadly whitelisted using a wildcard entry as shown in the following examples:





Connection Type

Silo uses a TLS connection over port 443 (HTTPS) with the Web Client, while the Installed Client uses a custom network protocol over port 443. We recommend creating a full exception in order to prevent connection issues with various Silo client types.


SSL Inspection

SSL inspection (e.g. SPI/DPI) will need to be disabled for Silo connections.


NOTE: This rule does not apply to Silo Windows Client version 2.9.13 and newer. Please see this article: for additional information.


External API

Some customers may need to whitelist our External API endpoint in order to use other Silo services. 

An exception for the following domain will be needed:


IP Addresses

Please make sure to allow access to TCP port 443 for the following entries:


Web Client IP (


Authentic8 registered IP address space: /22 /22 /22


Third Party Provider:

Additional Third Party Provider IPs in service December 6, 2023



Legacy IP addresses:

* If you are using the legacy load balancers, you may need to create an exception for the following entries: /29


Additional Notes  

Please contact Support if you have any additional questions and/or require further information.