Cloud SWG (formerly WSS) Ingress and Egress IP addresses
Article ID: 167174
Updated On:
Products
Cloud Secure Web Gateway - Cloud SWG
Issue/Introduction
- What are the IP addresses used to connect to the Symantec Cloud SWG?
- What are the data center names and locations?
- What are the Cloud SWG IP addresses and ranges that have to be permitted on firewalls?
- What is a Localization Zone and where are they located?
- What are the Cloud SWG ingress and egress IP subnet ranges?
- What are the IP addresses used by integrated services, such as Web Isolation?
Resolution
Table of Contents
Best Practices based on Connection Type (Access Method)
IPsec
For fault tolerance, fixed site backup connections must have IPsec tunnels to a physically separate compute region relative to your primary site, as well as:
- Only IPsec connections should redirect traffic to an IP address. All other connections should use Cloud SWG data center hostnames.
- IPsec connections are only accepted by the IPsec specific ingress IP addresses in the table below.
- IPsec configurations should have dead peer detection (DPD) enabled and a tunnel monitor (i.e., IPSLA) configured.
- IPsec phase 1 lifetime should be 24 hours, and phase 2 lifetime should be four hours.
- IKEv2 FQDN phase 2 lifetime should be 50 minutes.
- IPsec backup tunnels should never point to the same "compute POP" (data center) that the primary tunnel is going to.
Explicit over IPsec
Explicit traffic redirection within an IPsec tunnel to Cloud SWG should always point to ep.threatpulse.net:80 . For additional information, see the online documentation.
Explicit and Proxy Forwarding
For optimal performance and fault tolerance, explicit traffic should be redirected to proxy.threatpulse.net:8080. This hostname automatically resolves to the nearest Cloud SWG data center based on the geo-location of the client's DNS resolver. In the event of an outage (including planned maintenance), users will be automatically redirected to the nearest available data center.
Should the need to avoid geo-location services with explicit exist, the following Cloud SWG explicit IP addresses indicate the hosts an admin can point to for explicit or proxy forwarded traffic.
SEP Web and Cloud Access Protection
- Explicit Mode (Pac File): For optimal performance and fault tolerance, explicit traffic should be redirected to sep-wtr.threatpulse.net:8080. This hostname automatically resolves to the nearest Cloud SWG data center based on the geo-location of the client's DNS resolver. No manual configuration is required.
- Tunnel Mode: Nearest data center selection is performed automatically by the agent based on the geo-location of the end user's public egress IP address. No manual configuration is required.
WSS Agent
Nearest data center selection is performed automatically by the agent based on the geo-location of the end user's public egress IP address. No manual configuration is required. It is imperative that firewalls allow traffic between the agents and the Cloud SWG Ingress and egress ranges specified below.
Best Practices for Cross-Regional Failover Support for Fixed Locations
In the event of excessive traffic load due to maintenance activities or a GCP regional outage, traffic to a Cloud SWG site can fail over to the designated failover site. In July 2025, Broadcom will enable a new improved cross-regional failover support. To ensure that your traffic fails over to the optimal region, configure your deployment according to the recommendations provided for each access method in the following documentation:
1. Link to the technical document
2. Link to KB Cloud SWG backup locations, hostnames and VIPs for fixed locations.
With Cloud SWG agent (WSSA, ESA) failover is automatic and does not require configuration.
IP Addresses for Cloud SWG-Integrated Services
- Web Isolation: The egress IPs used for Web Isolation sessions triggered by Cloud SWG policy will differ from the list below and are documented here: Web Isolation Cloud Ingress and Egress IP Addresses.
Cloud SWG Portal |
|
| portal.threatpulse.com | 34.49.9.67 |
Cloud Traffic Controller (CTC) |
|
| Primary: ctc.threatpulse.com
Secondary: ctc-uat.threatpulse.com Note: Use the secondary CTC endpoint service to route a subset of traffic from a different egress IP address. See Test Agent Traffic From a New Egress IP Address. |
Primary: 130.211.30.2
Secondary: 34.110.245.218 |
Auth Manager |
|
| auth.threatpulse.com | 34.160.229.36 |
PAC File Management Service |
|
| pfms.wss.symantec.com | 34.120.17.44 |
SGAPI - Used for UPE and Management Center |
|
| sgapi.es.bluecoat.com | 34.49.220.252 |
| sgapi.threatpulse.com | 34.245.151.229 |
Other Miscellaneous Host |
|
| pod.threatpulse.com | 34.8.147.172 34.102.158.11 34.49.209.59 |
Cloud SWG ingress and egress IP addresses
Note: The "ingress ranges" in the fourth column are also the Cloud SWG "egress ranges".
Americas |
|||
| Location (codename) | Compute region | Ingress IP address (IPsec and trans-proxy) | Ingress and egress ranges for other access methods and for auth connector |
| Bogota, Colombia (GCOBO) Localization zone |
Santiago, Chile | 199.116.174.164 | 199.116.174.0/24 2604:b040:13:1b00::/80 |
| Buenos Aires, Argentina (GARBA) Localization zone Dedicated IP site |
Sao Paulo, Brazil | 34.95.226.164 - Retiring on November 15, 2025 34.95.130.164 - New after October 15, 2025 See ingress/egress range(s) for GBRSP |
34.95.226.0/24 - Retiring on November 16, 2025 34.39.171.128/28 - New after October 15, 2025 199.247.32.96/27 - New after October 15, 2025 2604:b040:13:1a00::/80 |
| Columbia, South Carolina (GUSCO) Dedicated IP site Policy Based Routing site |
Columbia, South Carolina | 168.149.137.164 | 168.149.135.0/24 168.149.137.0/24 168.149.138.0/24 168.149.139.0/24 168.149.140.0/24 168.149.141.0/24 2604:b040:13:1d00::/80 |
| Dallas, Texas (GUSDA) | Dallas, Texas | 168.149.128.164 | 148.64.16.0/24 168.149.128.0/24 168.149.129.0/26 2604:b040:13:1f00::/80 |
| Des Moines, Iowa (GUSDM) Dedicated IP site Policy Based Routing site |
Des Moines, Iowa | 199.247.42.164 | 199.247.32.0/24 199.247.33.0/24 199.247.42.0/24 199.247.43.0/24 199.247.44.0/24 199.247.45.0/24 199.116.168.0/24 199.116.169.0/24 199.116.170.0/24 199.116.171.0/24 199.116.173.0/24 148.64.31.0/24 35.192.241.0/24 2604:b040:13:1c00:100::/80 |
| Las Vegas, Nevada (GUSLV) | Las Vegas, Nevada | 168.149.133.164 | 168.149.133.0/24 168.149.160.0/24 2604:b040:13:2200::/80 |
| Los Angeles, California (GUSLA) Dedicated IP site |
Los Angeles, California | 199.19.248.164 | 148.64.18.0/24 199.19.248.0/24 2604:b040:13:2100:1::/80 |
| Mexico City, Mexico (GMXMC) Localization zone Dedicated IP site Policy Based Routing site |
Los Angeles, California - Retiring on November 16, 2025 Dallas, TX - New on October 15, 2025 |
170.176.246.164 - Retiring on November 15, 2025 168.149.128.164 - New after October 15, 2025 See egress/ingress range(s) for GUSDA |
170.176.246.0/24 - Retiring on November 16, 2025 199.247.32.160/27 - Available on October 16, 2025 2604:b040:13:2100::/80 |
| Montreal, Canada (GCAMO) Dedicated IP site |
Montreal, Canada | 199.19.253.164 | 199.19.253.0/24 148.64.21.0/24 2604:b040:13:1800::/80 |
| Portland, Oregon (GUSPO) | Portland, Oregon - Retiring on November 17, 2025 Las Vegas, Nevada - New on October 15, 2025 |
170.176.241.164 - Retiring on November 17, 2025 168.149.133.164 - Available after October 15, 2025 See the ingress/egress ranges for GUSLV |
170.176.241.0/24 - Retiring on November 16, 2025 168.149.164.0/24 148.64.16.0/24 199.247.32.192/26 - Available on October 16, 2025 34.186.10.128/28 - Available after October 15, 2025 35.243.39.240/28 - Retiring on November 16, 2025 2604:b040:13:2000::/80 |
| Santiago, Chile (GCLSA) Dedicated IP site Policy Base Routing site |
Santiago, Chile | N/A | DEI & PBR egress IPs only Site does not allow for ingress. Only egress using DEI or PBR |
| Sao Paulo, Brazil (GBRSP) Dedicated IP site Policy Based Routing site |
Sao Paulo, Brazil | 34.95.130.164 | 34.95.130.0/24 34.95.146.0/24 34.39.161.128/26 2604:b040:13:1a00:1::/80 |
| Toronto, Canada (GCATO) Dedicated IP site |
Toronto, Canada | 168.149.130.164 | 168.149.130.0/24 168.149.131.0/24 2604:b040:13:1900::/80 |
| Washington, DC (GUSAS) | Washington, DC | 170.176.240.164 | 168.149.142.0/24 168.149.143.0/24 168.149.144.0/24 168.149.145.0/24 168.149.146.0/24 168.149.151.0/24 168.149.152.0/24 168.149.153.0/24 168.149.157.0/24 170.176.240.0/24 2604:b040:13:1e00::/80 |
APAC |
|||
| Location (codename) | Compute region | Ingress IP address (IPsec and trans-proxy) | Ingress and egress ranges for other access methods and for auth connector |
| Auckland, New Zealand (GNZAU) Localization zone |
Sydney, Australia | 168.149.170.164 - Retiring on November 15, 2025 103.246.36.164 - Available after October 15, 2025 See ingress/egress range(s) for GAUSY |
168.149.170.0/24 - Retiring on November 16, 2025 34.40.220.240/28 - Available after October 15, 2025 199.247.32.128/27 - Available on October 16, 2025 2604:b040:13:a00:1::/80 |
| Bangkok, Thailand (GTHBA) Localization zone |
Singapore | See ingress/egress range for GSGRS | 168.149.179.64/27 2604:b040:13:800::/80 |
| Beijing, China (ACNBJ) | Beijing, China | 52.131.103.144 | 52.131.103.144/28 52.131.113.48/28 52.131.113.80/28 52.131.113.128/28 52.131.113.144/28 52.131.113.176/28 52.131.113.192/28 52.131.113.208/28 52.131.113.224/28 52.131.113.240/28 52.131.114.0/28 52.131.114.16/28 52.131.114.32/28 52.131.114.48/28 |
| Delhi, India (GINDE) Dedicated IP site Policy Based Routing site |
Delhi, India | 168.149.182.164 | 168.149.182.0/24 168.149.183.0/24 168.149.184.0/24 168.149.185.0/24 168.149.186.0/24 168.149.187.0/24 168.149.188.0/24 168.149.189.0/24 2604:b040:13:700::/80 |
| Hanoi, Vietnam (GVNHA) Localization zone |
Singapore | See ingress/egress range for GSGRS | 168.149.179.96/27 2604:b040:13:800::/80 |
| Hong Kong (GCNHK) Dedicated IP site Policy Based Routing site |
Hong Kong | 103.246.38.164 | 103.246.38.0/24 2604:b040:13:200::/80 |
| Jakarta, Indonesia (GIDJK) | Jakarta, Indonesia | 168.149.180.164 | 168.149.180.0/24 2604:b040:13:900::/80 |
| Kuala Lumpur, Malaysia (GMYKL) Localization zone |
Singapore | See ingress/egress range for GSGRS | 168.149.179.0/26 2604:b040:13:800::/80 |
| Manila, Philippines (GPHMA) Localization zone |
Jakarta, Indonesia | See ingress/egress range for GIDJK | 168.149.181.0/25 2604:b040:13:900::/80 |
| Melbourne, Australia (GAUME) | Melbourne, Australia | 168.149.190.164 | 168.149.190.0/24 168.149.191.0/24 34.129.99.0/24 2604:b040:13:b00::/80 |
| Mumbai, India (GINMU) Dedicated IP site Policy Based Routing site |
Mumbai, India | 148.64.4.164 | 148.64.1.0/24 148.64.4.0/24 148.64.5.0/24 148.64.7.0/24 148.64.12.0/24 148.64.13.0/24 168.149.165.0/24 168.149.166.0/24 168.149.167.0/24 168.149.168.0/24 168.149.172.0/24 168.149.173.0/24 168.149.174.0/24 34.47.128.0/26 2604:b040:13:600::/80 |
| Osaka, Japan (GJPOS) Dedicated IP site |
Osaka, Japan | 98.158.245.164 | 98.158.245.0/24 98.158.246.0/24 103.9.96.0/24 103.9.97.0/24 2604:b040:13:400::/80 |
| Seoul, South Korea (GKRSE) | Seoul, South Korea | 168.149.154.164 | 168.149.154.0/24 2604:b040:13:500::/80 |
| Shanghai, China (ACNSH) | Shanghai, China | 40.72.119.208 | 40.72.119.208/28 40.72.119.224/28 52.130.200.0/28 52.130.200.16/28 52.130.200.48/28 52.130.200.64/28 52.130.200.96/28 52.130.200.128/28 52.130.200.144/28 52.130.200.176/28 52.130.200.192/28 52.130.200.208/28 52.130.200.224/28 52.130.200.240/28 |
| Singapore (GSGRS) Dedicated IP site Policy Based Routing site |
Singapore | 103.246.37.164 | 103.246.37.0/24 148.64.3.0/24 168.149.178.0/24 168.149.150.0/24 2604:b040:13:800::/80 |
| Sydney, Australia (GAUSY) Dedicated IP site |
Sydney, Australia | 103.246.36.164 | 103.246.36.0/24 103.246.39.0/24 170.176.245.0/24 148.64.2.0/24 2604:b040:13:a00::/80 |
| Taipei, Taiwan (GTWTA) Policy Based Routing site |
Taipei, Taiwan | 168.149.155.164 | 168.149.155.0/24 2604:b040:13:100::/80 |
| Tokyo, Japan (GJPTK) Dedicated IP site Policy Based Routing site |
Tokyo, Japan | 223.29.216.164 | 223.29.216.0/24 223.29.217.0/24 223.29.218.0/24 223.29.219.0/24 2604:b040:13:300::/80 |
Europe and Middle East |
|||
| Location (codename) | Compute region | Ingress IP address (IPsec and trans-proxy) | Ingress and egress ranges for other access methods and for auth connector |
| Abu Dhabi, UAE (GAEAD) Localization zone |
Mumbai, India | 168.149.175.164 (Retiring TBD) 148.64.4.164 - Available after TBD date See ingress/egress range for GINMU |
168.149.175.0/24 (Retiring TBD) 34.180.15.224/28 - Available after TBD date 199.19.254.176/28 - Available on TBD date 2604:b040:13:600:1::/80 |
| Amsterdam, the Netherlands (GNLAM) Dedicated IP site |
Amsterdam, the Netherlands | 98.158.252.164 | 98.158.252.0/24 2604:b040:13:1200:1::/80 |
| Ankara, Turkey (GTRAN) Localization zone Dedicated IP site Policy Based Routing site |
Zurich, Switzerland | 46.235.158.192 - Retiring on TBD date 148.64.11.164 - Available after TBD date See ingress/egress range for GCHZU |
46.235.158.192/26 - Retiring on TBD date 185.180.51.0/24 - Retiring on TBD date 199.247.32.64/27 - Available after TBD date 2604:b040:13:1300:3::/80 |
| Athens, Greece (GGRAT) Localization zone |
Frankfurt, Germany | See ingress/egress range for GROBU | 46.235.156.128/27 2604:b040:13:1100:2::/80 |
| Belgrade, Serbia (GRSBE) Localization zone |
Milan, Italy | See ingress/egress range for GITMO | 199.116.172.128/27 2604:b040:13:1400::/80 |
| Brussels, Belgium (GBEBR) | Brussels, Belgium | 46.235.155.164 - Retiring on November 16, 2025 148.64.24.164 - Available after October 15, 2025 See ingress/egress range for GGBDO |
46.235.155.0/24 - Retiring on November 16, 2025 148.64.25.0/24 - Retiring on November 16, 2025 34.14.105.128/27 - Available after October 15, 2025 2604:b040:13:f00::/80 |
| Bucharest, Romania (GROBU) Localization zone |
Frankfurt, Germany | 168.149.148.164 - Retiring on TBD date 199.247.38.164 - Available after TBD date See ingress/egress range for GDEFR |
168.149.148.0/24 - Retiring on TBD date 199.19.254.224/27 - Available after TBD date 34.185.131.144/28 - Available after TBD date 2604:b040:13:1100:2::/80 |
| Copenhagen, Denmark (GDKCP) Localization zone Dedicated IP site |
Amsterdam, the Netherlands | 148.64.14.164 - Retiring on November 15, 2025 98.158.252.164 - Available after October 15, 2025 See ingress/egress range(s) for GNLAM |
148.64.14.0/24 - Retiring on November 16, 2025 |
| Dammam, Saudi Arabia (GSADA) Dedicated IP site Policy Based Routing site |
Dammam, Saudi Arabia | 148.64.17.164 | 148.64.17.0/24 2604:b040:13:1600::/80 |
| Doha, Qatar (GQADO) Localization zone |
Dammam, Saudi Arabia | See ingress/egress range for GSADA | 199.19.254.144/28 2604:b040:13:1600::/80 |
| Dover, England (GGBDO) Localization zone Dedicated IP site Policy Based Routing site |
Brussels, Belgium | 148.64.24.164 | 148.64.24.0/24 109.68.59.0/24 109.68.60.0/24 109.68.61.0/24 109.68.62.0/24 170.176.242.0/24 2604:b040:13:f00:1::/80 |
| Dubai, UAE (GAEDX2) Localization zone |
Dammam, Saudi Arabia | See ingress/egress range for GSADA | 199.19.254.192/28 2604:b040:13:1600::/80 |
| Dublin, Ireland (GIEDU) Localization zone |
London, England |
148.64.15.164 - Retiring on November 16, 2025 |
148.64.15.0/24 - Retiring on November 16, 2025 199.247.45.128/25 - Available on October 15, 2025 2604:b040:13:1000:1::/80 |
| Frankfurt, Germany (GDEFR) Dedicated IP site |
Frankfurt, Germany | 199.247.38.164 | 199.247.34.0/24 199.247.38.0/24 199.247.39.0/24 199.247.40.0/24 199.247.41.0/24 2604:b040:13:1100:1::/80 |
| Helsinki, Finland (GFIHE) Localization zone starting after October 15, 2025 Dedicated IP site |
Helsinki, Finland - Retiring on November 16, 2025 Stockholm, Sweden - Available after October 15, 2025 |
168.149.149.164 - Retiring on November 16, 2025 199.247.35.164 - Available after October 15, 2025 |
168.149.149.0/24 - Retiring on November 16, 2025 148.64.17.0/24 - Available after October 15, 2025 34.88.194.112/29 - Available after October 15, 2025 2604:b040:13:d00:1::/80 |
| Lisbon, Portugal (GPTLI) Localization zone |
Madrid, Spain | See ingress/egress range for GESTO | 199.116.175.80/28 34.175.65.69/32 2604:b040:13:e00::/80 |
| Ljubljana, Slovenia (GSILJ) Localization zone |
Milan, Italy | See ingress/egress range for GITMO | 199.116.172.160/27 2604:b040:13:1400::/80 |
| London, England (GGBLO) Dedicated IP site Policy Based Routing site |
London, England | 148.64.26.164 | 148.64.9.0/24 148.64.26.0/24 148.64.27.0/24 148.64.28.0/24 148.64.29.0/24 148.64.30.0/24 46.235.154.0/24 34.39.35.128/26 109.68.56.0/24 2604:b040:13:1000::/80 |
| Madrid, Spain (GESTO) Dedicated IP site |
Madrid, Spain | 199.19.249.164 | 199.19.249.0/24 2604:b040:13:e00::/80 |
| Manama, Bahrain (GBHMA) Localization zone |
Mumbai, India (Retiring TBD) Dammam, Saudi Arabia |
See ingress/egress range for GAEAD (Retiring TBD) See ingress/egress range for GSADA |
148.64.6.64/27 (Retiring TBD) |
| Milan, Italy (GITMO) Dedicated IP site |
Milan, Italy | 185.180.49.164 | 46.235.159.128/25 185.180.49.0/24 2604:b040:13:1400::/80 |
| Nicosia, Cyprus (GCYNI) Localization zone |
Frankfurt, Germany | See ingress/egress range for GROBU | 46.235.156.64/27 2604:b040:13:1100:2::/80 |
| Oslo, Norway (GNOOS) Localization zone |
Helsinki, Finland - Retiring on November 17, 2025 Stockholm, Sweden - New on October 15, 2025 |
109.68.63.164 - Retiring on November 17, 2025 199.247.35.164 - Available after October 15, 2025 See ingress/egress range for GSESK |
109.68.63.0/24 - Retiring on November 17, 2025 |
| Paris, France (GFRVE) Dedicated IP site |
Paris, France | 199.116.172.1 | 199.116.172.0/25 2604:b040:13:1500::/80 |
| Riga, Latvia (GLVRI) Localization zone |
Helsinki, Finland | See ingress/egress range for GHEFI | 199.116.175.0/27 2604:b040:13:d00:1::/80 |
| Stockholm, Sweden (GSESK) Localization zone |
Helsinki, Finland | 199.247.35.164 | 199.247.35.0/24 2604:b040:13:d00:2::/80 |
| Tallinn, Estonia (GEETA) Localization zone |
Helsinki, Finland | See ingress/egress range for GHEFI | 199.116.172.224/27 2604:b040:13:d00:1::/80 |
| Tel Aviv, Israel (GILTA) Dedicated IP site Policy Based Routing site |
Tel Aviv, Israel | 198.135.125.164 | 198.135.125.0/24 2604:b040:13:1700::/80 |
| Valletta, Malta (GMTVA) Localization zone |
Milan, Italy | See ingress/egress range for GITMO | 34.154.50.128/27 2604:b040:13:1400::/80 |
| Vienna, Austria (GATVI) Localization zone |
Frankfurt, Germany | See ingress/egress range for GDEFR | 46.235.156.32/27 2604:b040:13:1100:1::/80 |
| Vilnius, Lithuania (GLTVI) Localization zone |
Warsaw, Poland | See Ingress/egress range for GPOWA | 199.116.172.192/27 2604:b040:13:c00::/80 |
| Warsaw, Poland (GPOWA) | Warsaw, Poland | 103.9.99.164 | 103.9.99.0/24 2604:b040:13:c00::/80 |
| Zagreb, Croatia (GHRZA) Localization zone |
Milan, Italy | See ingress/egress range for GITMO | 168.149.132.224/27 2604:b040:13:1400::/80 |
| Zurich, Switzerland (GCHZU) | Zurich, Switzerland | 148.64.11.164 | 148.64.11.0/24 2604:b040:13:1300:2::/80 |
Africa |
|||
| Location (codename) | Compute region | Ingress IP address (IPsec and trans-proxy) | Ingress and egress ranges for other access methods and for auth connector |
| Abuja, Nigeria (GNGAB) Localization zone |
Madrid, Spain | See ingress/egress range for for GESTO | 199.116.175.64/28 34.175.220.157/32 2604:b040:13:e00::/80 |
| Accra, Ghana (GGHAC) Localization zone |
Madrid, Spain | See ingress/egress range for GESTO | 199.116.175.32/28 34.175.63.171/32 2604:b040:13:e00::/80 |
| Algiers, Algeria (GDZAL) Localization zone |
Milan, Italy | See ingress/egress range for GITMO | 34.154.250.192/27 2604:b040:13:1400::/80 |
| Cairo, Egypt (GEGCA) Localization zone |
Frankfurt, Germany | See ingress/egress range for GROBU | 46.235.156.96/27 |
| Dakar, Senegal (GSNDA) Localization zone |
Madrid, Spain | See ingress/egress range for GESTO | 199.116.175.96/28 34.175.234.195/32 2604:b040:13:e00::/80 |
| Gaborone, Botswana (GBWGA) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.16/28 2604:b040:13::/80 |
| Harare, Zimbabwe (GZWHA) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.128/28 2604:b040:13::/80 |
| Johannesburg, South Africa (GZASO) | Johannesburg, South Africa | 199.19.251.164 | 199.19.251.0/24 2604:b040:13::/80 |
| Lilongwe, Malawi (GMWLI) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.48/28 2604:b040:13::/80 |
| Luanda, Angola (GAOLU) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.0/28 2604:b040:13::/80 |
| Lusaka, Zambia (GZMLU) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.112/28 2604:b040:13::/80 |
| Maputo, Mozambique (GMZMA) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.80/28 2604:b040:13::/80 |
| Nairobi, Kenya (GKENA) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.32/28 2604:b040:13::/80 |
| Port Louis, Mauritius (GMUPL) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.64/28 2604:b040:13::/80 |
| Rabat, Morocco (GMARA) Localization zone |
Madrid, Spain | See ingress/egress range for GESTO | 199.116.175.48/28 34.175.124.242/32 2604:b040:13:e00::/80 |
| Tunis, Tunisia (GTNTU) Localization zone |
Milan, Italy | See ingress/egress range for GITMO | 34.154.50.192/27 2604:b040:13:1400::/80 |
| Windhoek, Namibia (GNAWI) Localization zone |
Johannesburg, South Africa | See ingress/egress range for GZASO | 199.19.254.96/28 2604:b040:13::/80 |
* The compute region will change on the designated date.
POP Types
- Compute POP - Otherwise known as a data center, a point of presence that contains physical compute infrastructure.
- Localization Zones - Provide an improved user experience by localizing content requests for countries where there is no Cloud SWG compute POP.
Dedicated IP Sites
Dedicated IPs (part of Cloud SWG Premium Routing) provides tenant-dedicated IPs in Cloud SWG data centers. Sites that host Dedicated IP infrastructure are denoted in the table above with the label: "Dedicated IP site" below the site codename.
Policy based Routing Sites
Policy Based Routing (part of Cloud SWG Premium Routing) provides control over traffic egress geolocation. Sites that host Policy Based Routing infrastructure are denoted in the table above with the label: "Policy Based Routing site" below the site codename.
Additional Information
The Cloud SWG service now has a service points URL that can be used to retrieve our IP address space for all hosts, including the Portal, authentication, PFMS, CTC and so forth. The service points URL is https://servicepoints.threatpulse.com/ and is a JSON formatted document. Note that the auth connector (aka bcca.exe) connects to IP addresses within the egress IP address range.
IMPORTANT NOTE: The service points URL https://servicepoints.threatpulse.com/ were deprecated on September 1, 2024. The new service points URL is https://servicepoints.threatpulse.com/api/v2/full and is live now. The data formatting has changed. To avoid any interruptions, review the changes in the files and start using the new URL as soon as possible. The service points URL was announced on May 29, 2024. To see the announcement, click here.
This information is also applicable to Smart VPN. More information: https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/endpoint-security/sescloud/Protection/Secure-Connection/what-is-v128662923-d4152e263.html
Feedback
Yes
No
Powered by
