All deployments of the Insight Agent require proper connectivity to function. This article details the necessary whitelisting rules that you will need to configure on your assets so their corresponding agents can communicate with the Insight platform. Additionally, you may need to configure whitelisting rules for the agent directory if you use an endpoint security application in your environment.

Proxy Support

The Insight Agent is now proxy-aware and supports a variety of proxy definition sources. See the Proxy Configuration page for more information.


The Insight Agent will not function if your organization decrypts SSL traffic via Deep Packet Inspection technologies.

Insight Platform Connectivity Requirements

The Insight Agent communicates with the Insight platform through the following channel. All endpoint URLs ending with this destination must be whitelisted for the designated port.

Data type



Agent messages, beacons, update requests, and file uploads for collection



Configuration files for deployment



If you need an alternative to the URL whitelisting method shown previously, whitelist the following IP addresses for your selected region instead.


IP Address

United States





Collector Proxy Requirements

If you also use the Rapid7 Collector to proxy agent traffic, it requires the following additional connectivity:

Data type



Agent messages and beacons

Rapid7 Collector

8037 (TCP and UDP)

Agent update requests and file uploads for collection

Rapid7 Collector


Endpoint Security Software Requirements

Endpoint security applications (such as McAfee Threat Intelligence Exchange, CylancePROTECT, Carbon Black, and others) may flag, block, or delete the Insight Agent from your assets depending on your detection and response settings. To prevent this from happening, configure a whitelist rule for the agent directory so your endpoint security software does not target it accidentally.

Your whitelist rule must accommodate all subdirectories contained in the agent installation path. The following paths show default agent installation locations by operating system:

  • Windows - C:\Program Files\Rapid7\Insight Agent\
  • Mac and Linux - /opt/rapid7/ir_agent/