If your Network environment uses a firewall to manage traffic, please configure a full exception for all applicable Silo entries in this documentation. To maintain uninterrupted access, ensure your firewall allows bi-directional traffic (to and from) for the IP addresses and domains associated with our service
IP addresses for AllowList Provisioning
Please allow traffic from the following IP addresses to ensure access to the Silo web isolation platform:
13.239.146.29
13.54.16.216
23.235.225.178
23.235.226.90
34.105.243.100
34.105.243.101
34.120.76.49
34.133.167.210
34.135.3.216
34.147.167.222
34.147.188.32
34.64.234.38
34.64.32.176
34.82.129.182
34.84.170.64
34.84.170.65
34.84.175.241
34.84.58.13
35.185.254.179
35.192.140.0
35.192.87.85
35.231.117.223
35.231.137.119
35.246.2.137
35.246.47.160
66.85.157.12
66.85.157.13
66.85.157.14
92.119.244.0 /24
92.119.245.0 /24
104.154.39.247
104.155.196.156
104.155.196.214
104.196.45.238
104.196.50.57
104.198.102.199
104.198.108.190
104.199.158.183
104.199.169.130
130.211.176.14
184.95.48.178
184.95.48.202
194.32.244.2
194.32.244.3
194.32.245.2
194.32.245.3
194.32.247.2
194.32.247.3
198.24.179.2
198.24.179.20
198.24.179.3
Best Practice: Our infrastructure is regularly maintained and updated — the list is subject to change on as-needed basis. We recommend that you regularly check this page for any updates to the IP address table
Domain Names
Along with the IP addresses, please add the following domain names to your AllowList — using wildcard entries where applicable is recommended
*.authentic8.com
*.a8silo.com
*.getsilo.com
extapi.authentic8.com
Important: For the Silo Web Client, please make sure to also provision these domains in the AllowList table for all applicable Pop-up Blocker(s)
Connection Type
Silo uses a TLS connection over port 443 (HTTPS) with the Web Client, while the Installed Client uses a proprietary network protocol over port 443. The Web Client also requires secure Web Socket (WSS) to be enabled
Important: An environment-wide Network exception is strongly recommended in order to mitigate any connection issues with various Silo web services
SSL Inspection
We recommend using the latest client version whenever possible. For Silo Windows client v2.9.12 and older, SSL Inspection (e.g., SPI/DPI) must be disabled in order to allow Silo connections. For Silo Windows client v2.9.13 and newer, please refer to the following documentation for additional configuration options: Server Certificate Validation
Frequently Asked Questions
Q: Why do I need to provision these IP addresses into the Network AllowList?
A: Allowing traffic from the aforementioned IP addresses helps maintain a secure and reliable connection between the customer’s endpoint and Silo’s infrastructure, minimizing service interruptions and improving overall performance
Q: How often does the IP address list change?
A: While changes are infrequent, we recommend periodically checking for updates, especially prior to implementing any significant firewall rule changes. Authentic8 strives to update this support article at least 30-days prior to the inclusion of any new IP addresses in its public-facing infrastructure
Q: What happens if I don't add these IP addresses to the Network Allow List?
A: Failure to provision these IP addresses may result in various connectivity issues and interruptions in accessing Silo. To avoid any service disruptions, it is to keep your Network AllowList up to date
Please contact Support for any additional questions