This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Orion URLs for Firewall Whitelisting

There are significant advantages to having Orion able to access the Internet, however the last few days have shown that blanket access is not the best security stance to have.

I have collated the following list of URL's with my fellow MVP's assistance in order to help you put whitelist entries in to your firewall policies to give controlled external resource access to Orion.

I have broken these into categories, as some are module specific, and clearly you have the choice to replace many of these with a *, but I wanted to provide the full URL list for those that wish to be granular in their ruleset.

Function URL Detail

These will allow centralised upgrades and license registrations to be performed
Core - THWACK 


To allow display of THWACK feeds in widgets and direct import/export of templates
Core - WorldWide Map

For rendering the Worldwide map and for performing Geo lookups from SNMP data

Configuration Vulnerability Analysis

Cisco Smart Advisor

SAM hardware warranty lookups
Alerting (ServiceNow integration) https://<API-SubDomain>

If using ServiceNow alert integration. Replace API-SubDomain with your configured API URL

Add your own HelpDesk API URLS if you are using the GET/POST to URL or script actions to integrate your alerts

Alerting (SolarWinds Service Desk integration) (for non-EU customers) (for EU customers)

SolarWinds Service Desk Integration

Cloud Monitoring AWS




For monitoring AWS and Azure clouds in Orion core. List was taken from this previous post

For polling your Meraki infrastructure via central cloud management platform

Used to perform BGP data lookups

If you have the integration to the SolarWinds AppOptics SaaS APM solution
Discovery Agent (to obtain external IP) (for non-EU customers) (for EU customers)

SolarWinds Service Desk Discovery Agent for SolarWinds Orion

You will also need to be conscious of the monitoring targets you configure in Orion and add those to your whitelist policy, where for example in SAM, if you wish to monitor your Salesforce instance via HTTPS monitors in WPM or SAM, add your Salesforce FQDN, to monitor O365 then https://* and would be necessary. Ensure you bake your whitelist updates into your monitoring definition process.

If I have missed anything here, then please let me know via the comments, and I will update.

Parents Reply Children
No Data