Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Allow IP Address Ranges for Points of Presence

A DNS service, known as the Global Routing Manager (GRM), routes web traffic from your network to instances of Secure Web Gateway on Points of Presence (PoPs), which are nodes in a worldwide network that has been set up as a cloud platform for this product.

To ensure that the endpoints in your network can fully use the GRM for routing traffic, you need to allow the IP address ranges for the PoPs if one of the following or both applies:

  • You are using a firewall to restrict web access.

  • You are running business-to-business services with partners who restrict access based on source IP addresses.

Proceed as follows.

  1. Look up the inbound and outbound IP address ranges. 

    They are provided in a list on the status website for Secure Web Gateway, see IP Address  Ranges.

    You can export the list as a file in .txt, .cvs, or .json format.

    In this list:

    • IP address ranges are marked according to whether they are used for inbound or outbound traffic, or for both.


    • IP address ranges of networks that have been deactivated are crossed out.
  2. Make sure the IP address ranges are entered in allow lists as follows.

    • If you are running a firewall, enter the outbound IP addresses in your firewall allow list.

      This ensures access to our PoPs is not blocked by your firewall.

    • If you are working with business partners using business-to-business services, forward the inbound addresses to them, so they can enter them in their allows list for these services.

      This ensures you can connect to your business-to-business services through our PoPs.

For information about other IP addresses, see Lists of IP Addresses and Other Parameters for Use in Network Configuration.

  • Was this article helpful?