Connectivity Requirements
The Insight Agent requires properly configured assets and network settings to function correctly. Since the method of agent communication varies by product, additional configuration may be required depending on which Insight products you plan to use. Before you deploy the Insight Agent, make sure that the Agent can successfully connect and transfer data to the Insight Platform by fulfilling the following requirements:
Proxy Support
The Insight Agent is now proxy-aware and supports a variety of proxy definition sources. See the Proxy Configuration page for more information.
SSL Decryption Exclusion
The Insight Agent will not work if your organization decrypts SSL traffic via Deep Packet Inspection technologies like transparent proxies.
Insight Platform Connectivity Requirements
The Insight Agent communicates with the Insight Platform through specific channels that allow for the transfer of data, in a safe and secure manner. To ensure all data reaches the Insight Platform, configure your endpoints such that the following destinations are reachable through the designated port:
| Data type | Destination | Port |
|---|---|---|
| Agent messages, beacons, update requests, and file uploads for collection | *.endpoint.ingress.rapid7.com | 443 |
| Configuration files for deployment | *.insight.rapid7.com | 443 |
As an alternative to configuring a firewall rule that allows traffic for this URL, you can instead configure firewall rules to allow traffic to the following IP addresses and CIDR blocks for your selected region.
| United States - 1 | United States - 2 | United States - 3 | Canada | Europe | Japan | Australia |
|---|---|---|---|---|---|---|
| 34.226.68.35 | 13.58.19.32 | 44.242.59.199 | 52.60.40.157 | 3.120.196.152 | 103.4.8.209 | 52.64.24.140 |
| 54.144.111.231 | 3.131.127.126 | 52.41.171.59 | 52.60.107.153 | 3.120.221.108 | 18.182.167.99 | 13.55.81.47 |
| 52.203.25.223 | 3.139.243.230 | 54.213.168.123 | 18.192.78.218 | |||
| 34.236.161.191 | ||||||
| 193.149.136.0/24 |
Collector Proxy Requirements
If you also use the Rapid7 Collector to proxy agent traffic, you will require the following additional connectivity:
| Data type | Destination | Port |
|---|---|---|
| Agent messages and beacons | Rapid7 Collector |
|
| Agent update requests and file uploads for collection | Rapid7 Collector | 6608 |