Firewall Requirements
Hosted & On-Premise
To ensure the flow of information between the N-able N-central server and outside sources, ensure the following domains and URLs are added to your firewall allow list. These domains are needed for outbound communication.
send.n-able.com |
The N-able internal FTP server where a partner can upload and download files such as logs, executables and scripts. This is also the location where you download scripts from Scripto for additional troubleshooting tools for N-able N-central. Ports required: TCP 20 and 21, ports above UDP 1024 for passive transfer. |
sis.n-able.com |
A repository of XML files. Each XML lists download links for .exe, patches and so on. For example, when the agent is installed on a device and it needs to download AV Defender, the agent goes to http://sis.n-able.com/GenericFiles.xml and get the link to download the files compatible for the agent version. Port required: HTTP (80) and HTTPS (443) |
All domains below require port TCP 443. |
|
update.n-able.com |
The location where N-able N-central obtains the NSP file for upgrade. It also has .ISO, vdh.gz files for a N-able N-central installation. There is also an alias of this domain at releases.n-able.com. |
feeds.n-able.com |
The location where the N-able N-central gets RSS feeds. |
sis.n-able.com |
A repository of XML files. Each XML lists download links for .exe, patches and so on. |
servermetrics.n-able.com On-Premise only |
When an N-able N-central server is installed, all information about it is sent to the N-able internal Activation Server. |
licensing.n-able.com On-Premise only |
Once the N-able N-central server is validated, it communicates with the internal Activation Server to get the full license depending on the contract details. |
push.n-able.com |
Used for Apple Push Notification service (APN) and CSR certificate request for Mobile Device Management. |
scep.n-able.com |
Used for MDM installation, pushing profile to the target device |
sso.navigatorlogin.com On-Premise only |
The login page used for MSP SSO authentication. |
msp-sso-proxy.eu-west-1.prd.cdo.system-monitor.com msp-sso-proxy.us-west-2.prd.cdo.system-monitor.com |
MSP SSO proxy URLs used for user enrollment and user changes synchronization. |
updatewarranty.com On-Premise only |
Used by N-able N-central to check the warranty expiration dates of managed devices. |
microsoft.com |
Used For Windows Update, which is needed for Patch Management or any other patch solution software. |
https://keybox.n-able.com |
Used with Netpath, EDR and future integrated components. |
https://keybox.solarwindsmsp.com | Used with Netpath, EDR and future integrated components. |
*.sentinelone.net |
Used by EDR. |
https://api.ecosystem-middleware.eu-central-1.prd.esp.system-monitor.com https://api.ecosystem-middleware.eu-west-1.prd.esp.system-monitor.com https://api.ecosystem-middleware.us-west-2.prd.esp.system-monitor.com https://api.ecosystem-middleware.ap-southeast-2.prd.esp.system-monitor.com https://ui.ecosystem-middleware.prd.esp.system-monitor.com/ |
Used by Microsoft Intune. |
api.ecosystem-middleware.eu-east-1.prd.esp.system-monitor.com api.ecosystem-middleware.us-west-1.prd.esp.system-monitor.com |
Middleware endpoints. |
rest.ecosystem.ap-southeast-2.prd.esp.system-monitor.com rest.ecosystem.eu-east-1.prd.esp.system-monitor.com rest.ecosystem.eu-west-1.prd.esp.system-monitor.com rest.ecosystem.us-west-1.prd.esp.system-monitor.com |
Rest endpoints. |
grpc.ecosystem.ap-southeast-2.prd.esp.system-monitor.com grpc.ecosystem.eu-east-1.prd.esp.system-monitor.com grpc.ecosystem.eu-west-1.prd.esp.system-monitor.com grpc.ecosystem.us-west-1.prd.esp.system-monitor.com |
GRPC endpoints. |
cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static*.storage.googleapis.com |
Used by Pendo to receive data. Port required: HTTPS (443) |
mtls.api.featureflags.prd.sharedsvcs.system-monitor.com | Used for Feature Preview. |
assets.prd.esp.system-monitor.com | Used for Integrations like DNS Filter and EDR. |
integrated.cloudbackup.management *.cloudbackup.management secure.n-able.com |
Used for Backup integration connections. |
*.ap-southeast-2.prd.cdo.system-monitor.com *.eu-central-1.prd.cdo.system-monitor.com *.eu-west-1.prd.cdo.system-monitor.com *.us-west-2.prd.cdo.system-monitor.com cdn-component.fusion.prd.cdo.system-monitor.com cdn-notary.pub.prd.cdo.system-monitor.com |
Used for modern agent to cloud communications. |