Prerequisite Ports and FQDNs for Enterprise DLP
Focus
Focus
Enterprise DLP

Prerequisite Ports and FQDNs for Enterprise DLP

Table of Contents


Prerequisite Ports and FQDNs for Enterprise DLP

Allow access to the following IP addresses and open ports required to successfully forward traffic to Enterprise Data Loss Prevention (E-DLP).
Firewalls managed by a Panorama™ management server or Strata Cloud Manager need to access the following FQDNs and ports open on the network to successfully forward traffic for inspection by the DLP cloud service.
FQDNsPorts
  • http://ocsp.paloaltonetworks.com
  • http://crl.paloaltonetworks.com
  • http://ocsp.godaddy.com
  • http://crl.godaddy.com
TCP 80
  • https://api.paloaltonetworks.com
  • https://apitrusted.paloaltonetworks.com
  • certificatetrusted.paloaltonetworks.com
  • certificate.paloaltonetworks.com
  • hawkeye.services-edge.paloaltonetworks.com
  • dlp.hawkeye.services-edge.paloaltonetworks.com
  • ace.hawkeye.services-edge.paloaltonetworks.com
  • urlcat.hawkeye.services-edge.paloaltonetworks.com
  • enforcer.hawkeye.services-edge.paloaltonetworks.com
TCP 443