What firewall settings are required when scanning using external (cloud) scanners?

If you receive a scan error when using our external, also called cloud scanners (not using a locally installed Scanner Appliance for scanning), you might have to configure your firewall or WAF (Web Application Firewall). Please check the following to ensure your assets (IP addresses, web applications, and APIs) can be scanned. 

The following IP addresses must be allowed (white-listed) for inbound traffic from our data center to your assets.

  • IPv4:
  • IPv4:
  • IPv6: 2a0b:6800::/29

Scanning a network

Make sure that either ICMP is allowed or that any of the following ports are available publicly for inbound communication: 21, 22, 23, 25, 53, 80, 110, 111, 135, 139, 143, 443, 445, 993, 995, 1723, 3306, 3389, 5900, and 8080. 

Scanning a web application

Please allow ports 80 and 443 for incoming traffic to your web application from our data center.