All deployments of the Insight Agent require proper connectivity to function. This article details the necessary traffic allowance rules that you will need to configure on your assets so their corresponding agents can communicate with the Insight Platform. Additionally, you may need to configure additional rules for the agent directory if you use an endpoint security application in your environment.
- Insight Platform Connectivity Requirements
- Collector Proxy Requirements
- Endpoint Security Software Requirements
The Insight Agent is now proxy-aware and supports a variety of proxy definition sources. See the Proxy Configuration page for more information.
The Insight Agent will not function if your organization decrypts SSL traffic via Deep Packet Inspection technologies.
Insight Platform Connectivity Requirements
The Insight Agent communicates with the Insight Platform through the following channel. All endpoint URLs ending with this destination must be reachable through the designated port.
|Agent messages, beacons, update requests, and file uploads for collection||443|
|Configuration files for deployment||443|
If you need an alternative to configuring a firewall rule that allows traffic for this URL, you can configure firewall rules to allow traffic to the following IP addresses for your selected region instead.
|United States - 1||United States - 2||United States - 3||Canada||Europe||Japan||Australia|
Collector Proxy Requirements
If you also use the Rapid7 Collector to proxy agent traffic, it requires the following additional connectivity:
|Agent messages and beacons||Rapid7 Collector|
|Agent update requests and file uploads for collection||Rapid7 Collector||6608|
Endpoint Security Software Requirements
Endpoint security applications (such as McAfee Threat Intelligence Exchange, CylancePROTECT, Carbon Black, and others) may flag, block, or delete the Insight Agent from your assets depending on your detection and response settings. To prevent this from happening, configure a rule for the agent directory so your endpoint security software does not target it accidentally.
Your rule must accommodate all subdirectories contained in the agent installation path. The following paths show default agent installation locations by operating system:
- Windows -
C:\Program Files\Rapid7\Insight Agent\
- Mac and Linux -