The SAC Connector requires external connectivity to several endpoints depending on the location of the Tenant.
For all other connections, port 443 is required.
You can verify the IP is accessible and the port is open by running a telnet command from the connector's host:
>> telnet IP PORT
The tenants are divided into two geographical areas: USA \ Europe.
Per region, the list of SAC fixed IP-Addresses could be found here:
- US: https://download.us-west-2.luminatesec.com/public-ips
- EU: https://download.eu-west-1.luminatesec.com/public-ips
If you are not sure where is your tenant located:
Locate the region in the response:
nslookup tenant_name.luminatesec.com : xdxdxdxd.production.us-west-2.luminatesec.com
nslookup tenant_name.luminatesec.com: xdxdxdxd-5188d660a31.elb.eu-west-1.amazonaws.com
For the Connector's operation, the following URLs needs to be accessible:
- luminate-ws.tenant_name.luminatesec.com - endpoint for core-server connection, metrics collection, connector-orchestrator connection.
- internal.tenant_name.luminatesec.com - endpoint to CMS (registration, policy, last-seen status, traces)
- sentry.io - Sentry endpoint for health monitoring.