Firewall Requirements

Hosted & On-Premise

To ensure the flow of information between the N-able N-central server and outside sources, ensure the following domains and URLs are added to your firewall allow list. These domains are needed for outbound communication.

send.n-able.com

The N-able internal FTP server where a partner can upload and download files such as logs, executables and scripts.

This is also the location where you download scripts from Scripto for additional troubleshooting tools for N-able N-central.

Ports required: TCP 20 and 21, ports above UDP 1024 for passive transfer.

sis.n-able.com

A repository of XML files. Each XML lists download links for .exe, patches and so on.

For example, when the agent is installed on a device and it needs to download AV Defender, the agent goes to http://sis.n-able.com/GenericFiles.xml and get the link to download the files compatible for the agent version.

Port required: HTTP (80) and HTTPS (443)

  All domains below require port TCP 443.

update.n-able.com

The location where N-able N-central obtains the NSP file for upgrade. It also has .ISO, vdh.gz files for a N-able N-central installation. There is also an alias of this domain at releases.n-able.com.

feeds.n-able.com

The location where the N-able N-central gets RSS feeds.

sis.n-able.com

A repository of XML files. Each XML lists download links for .exe, patches and so on.

servermetrics.n-able.com

On-Premise only

When an N-able N-central server is installed, all information about it is sent to the N-able internal Activation Server.

licensing.n-able.com

On-Premise only

Once the N-able N-central server is validated, it communicates with the internal Activation Server to get the full license depending on the contract details.

push.n-able.com

Used for Apple Push Notification service (APN) and CSR certificate request for Mobile Device Management.

scep.n-able.com

Used for MDM installation, pushing profile to the target device

sso.navigatorlogin.com

On-Premise only

The login page used for MSP SSO authentication.

msp-sso-proxy.eu-west-1.prd.cdo.system-monitor.com

msp-sso-proxy.us-west-2.prd.cdo.system-monitor.com

MSP SSO proxy URLs used for user enrollment and user changes synchronization.

updatewarranty.com

On-Premise only

Used by N-able N-central to check the warranty expiration dates of managed devices.

microsoft.com

Used For Windows Update, which is needed for Patch Management or any other patch solution software.

https://keybox.n-able.com

Used with Netpath, EDR and future integrated components.

https://keybox.solarwindsmsp.com Used with Netpath, EDR and future integrated components.

*.sentinelone.net

Used by EDR.

https://api.ecosystem-middleware.eu-central-1.prd.esp.system-monitor.com

https://api.ecosystem-middleware.eu-west-1.prd.esp.system-monitor.com

https://api.ecosystem-middleware.us-west-2.prd.esp.system-monitor.com

https://api.ecosystem-middleware.ap-southeast-2.prd.esp.system-monitor.com

https://ui.ecosystem-middleware.prd.esp.system-monitor.com/

Used by Microsoft Intune.

api.ecosystem-middleware.eu-east-1.prd.esp.system-monitor.com

api.ecosystem-middleware.us-west-1.prd.esp.system-monitor.com

Middleware endpoints.

rest.ecosystem.ap-southeast-2.prd.esp.system-monitor.com

rest.ecosystem.eu-east-1.prd.esp.system-monitor.com

rest.ecosystem.eu-west-1.prd.esp.system-monitor.com

rest.ecosystem.us-west-1.prd.esp.system-monitor.com

Rest endpoints.

grpc.ecosystem.ap-southeast-2.prd.esp.system-monitor.com

grpc.ecosystem.eu-east-1.prd.esp.system-monitor.com

grpc.ecosystem.eu-west-1.prd.esp.system-monitor.com

grpc.ecosystem.us-west-1.prd.esp.system-monitor.com

GRPC endpoints.

cdn.pendo.io

data.pendo.io

pendo-io-static.storage.googleapis.com

pendo-static*.storage.googleapis.com

Used by Pendo to receive data.

Port required: HTTPS (443)

mtls.api.featureflags.prd.sharedsvcs.system-monitor.com Used for Feature Preview.
assets.prd.esp.system-monitor.com Used for Integrations like DNS Filter and EDR.

integrated.cloudbackup.management

*.cloudbackup.management

secure.n-able.com

Used for Backup integration connections.

*.ap-southeast-2.prd.cdo.system-monitor.com

*.eu-central-1.prd.cdo.system-monitor.com

*.eu-west-1.prd.cdo.system-monitor.com

*.us-west-2.prd.cdo.system-monitor.com

cdn-component.fusion.prd.cdo.system-monitor.com

cdn-notary.pub.prd.cdo.system-monitor.com

Used for modern agent to cloud communications.