KB Article | Forcepoint Support
Support
  1. Home
  2. Knowledgebase

Cloud service data center IP addresses and port numbers

  • Article Number: 000007701
  • Products: Cloud Security Gateway, Forcepoint Email Security Cloud, Forcepoint Web Security, Forcepoint Web Security Cloud, TRITON AP-EMAIL, TRITON AP-WEB
  • Version: All Versions
  • Last Published Date: February 18, 2021

Notes & Warnings

Forcepoint is committed to delivering a fast, secure and reliable cloud infrastructure. To accommodate increases in service usage, we may expand resources within existing data centers, balance traffic between data centers, or open new data centers. Forcepoint cloud administrators receive notifications before new data centers and IP address ranges come online.

As we expand our infrastructure, we may change the IP address to which your web requests are routed. This might occur, for example, if we add capacity closer to you. Having your firewall open to all of our IP ranges enables us to add to our infrastructure without affecting your service.

Problem Description

What are the access IP addresses for Forcepoint's cloud services? Which IP addresses and ports need to be open on my firewall to use the Forcepoint cloud web and email service?

Resolution

If you intend to lock down your firewall, or already have your firewall locked down, and intend to use the cloud web or cloud email service, you must allow connections to and from the range of IP addresses for Forcepoint cloud service data centers and local points of presence (also known as vPoPs).
 

IP address ranges in use by Forcepoint cloud services

 
CIDRRangeSubnetMask
85.115.32.0/1985.115.32.0 - 85.115.63.25585.115.32.0255.255.224.0
86.111.216.0/2386.111.216.0 - 86.111.217.25586.111.216.0255.255.254.0
116.50.56.0/21116.50.56.0 - 116.50.63.255116.50.56.0255.255.248.0
208.87.232.0/21208.87.232.0 - 208.87.239.255208.87.232.0255.255.248.0
86.111.220.0/2286.111.220.0 - 86.111.223.25586.111.220.0255.255.252.0
103.1.196.0/22103.1.196.0 - 103.1.199.255103.1.196.0255.255.252.0
177.39.96.0/22177.39.96.0 - 177.39.99.255177.39.96.0255.255.252.0
196.216.238.0/23196.216.238.0 - 196.216.239.255196.216.238.0255.255.254.0
192.151.176.0/20192.151.176.0 - 192.151.191.255192.151.176.0255.255.240.0
157.167.0.0/16157.167.0.0 - 157.167.255.255157.167.0.0255.255.0.0
 

Data center locations and IP addresses

 
COUNTRYCITYDATA CENTER IDIP SPACE
AustraliaSydneyM116.50.58.0/24
BrazilSao PauloP177.39.96.0/24*
CanadaTorontoYYZA192.151.178.0/24*
ChinaHong KongK116.50.57.0/24
FranceParisD85.115.60.0/24
85.115.60.{201-206}*
GermanyFrankfurtB85.115.56.0/24
85.115.56.{201-206}*
GermanyDusseldorfE85.115.58.0/24
ItalyMilanMILA85.115.39.0/24*
IndiaMumbaiC116.50.59.0/24
JapanTokyoT116.50.61.0/24*
NetherlandsAmsterdamX85.115.33.0/24*
PolandWarsawWAWA85.115.35.0/24*
SingaporeSingaporeR116.50.60.0/24*
South AfricaJohannesburgS196.216.238.0/24
196.216.238.{201-206}*
SwedenStockholmU85.115.37.0/24*
SwitzerlandGenevaF85.115.62.0/24
UKLondon (Heathrow)A85.115.52.0/24
85.115.52.{201-206}*
UKLondon (Docklands)LONB85.115.53.0/24*
85.115.53.{201-206}*
UKSloughJ85.115.54.0/24
85.115.54.{201-206}*
United Arab EmiratesDubaiDXBA85.115.46.0/24*
USASan Jose, CAG208.87.233.0/24
208.87.233.{201-206}*
USAAshburn, VAH208.87.234.0/24
208.87.234.{201-206}*
USALos Angeles, CALAXA208.87.235.0/24*
USAChicago, ILN208.87.237.0/24*
208.87.237.{201-206}*
USANew York, NYNYCA208.87.236.0/24*
USADallas, TXO208.87.239.0/24*
USAMiami, FLQ208.87.238.0/24*
* - IP address range applies to cloud web products only.


Local point of presence (local PoP) locations and IP addresses

Forcepoint provides local access for Web Security Cloud via the following locations. For more information, see the article Improved content localization with local point of presence (aka vPoP) IP addresses.

CountryCityLocal PoP IDIP spaceLocation for traffic processing
AlbaniaTiranaTIAA157.167.58.0/24Dusseldorf (E)
AlgeriaAlgiersALGA157.167.97.0/24Paris (D)
AndorraAndorra la VellaLEUA157.167.111.0/24Paris(D)
AngolaLuandaLADA157.167.98.0/24Johannesburg (S)
AnguillaThe ValleyAXAA157.167.112.0/24Miami (Q)
ArgentinaBuenos AiresBUEA177.39.97.0/24Sao Paolo (P)
ArmeniaYerevanEVNA157.167.75.0/24Dusseldorf (E)
ArubaOranjestadAUAA157.167.113.0/24Miami (Q)
AustriaViennaVIEA157.167.59.0/24Dusseldorf (E)
AzerbaijanBakuGYDA157.167.76.0/24Dusseldorf (E)
BahamasNassauNASA157.167.114.0/24Miami (Q)
BahrainManamaBAHA157.167.78.0/24Mumbai (C)
BangladeshDhakaBZLA157.167.79.0/24Mumbai (C)
BarbadosBridgetownBGIA157.167.115.0/24Miami (Q)
BelarusMinskMSQA157.167.48.0/24Frankfurt (B)
BelgiumBrusselsBRUA85.115.61.0/24Amsterdam (X)
BelizeBelmopanBCVA157.167.10.0/24Miami (Q)
BermudaHamiltonBDAA157.167.116.0/24New York (NYCA)
BhutanThimphuPBHA157.167.80.0/24Mumbai (C)
BoliviaLa PazLPBA157.167.17.0/24Sao Paolo (P)
Bosnia and HerzegovinaSarajevoSJJA157.167.60.0/24Dusseldorf (E)
British Virgin IslandsRoad TownEISA157.167.117.0/24Miami (Q)
BruneiBandar Seri BegawanBWNA157.167.27.0/24Singapore (R)
BulgariaSofiaSOFA157.167.61.0/24Dusseldorf (E)
CambodiaPhnomh PenhPNHA157.167.28.0/24Singapore (R)
CanadaOttawaYYZB157.167.57.0/24San Jose (G)
Cayman IslandsGeorge TownGCMA157.167.118.0/24Miami (Q)
ChileSantiagoSCLA157.167.18.0/24Sao Paolo (P)
ColombiaBogotaBOGA192.151.179.0/24Miami (Q)
Costa RicaSan JoseSJOA157.167.11.0/24Miami (Q)
CroatiaZagrebZAGA157.167.62.0/24Dusseldorf (E)
CuracaoWillemstadCURA157.167.119.0/24Miami (Q)
CyprusNicosiaNICA157.167.63.0/24Dusseldorf (E)
Czech RepublicPraguePRGA157.167.64.0/24Dusseldorf (E)
DenmarkCopenhagenCPHA157.167.45.0/24Dusseldorf (E)
Dominican RepublicSanto DomingoSDQA157.167.120.0/24Miami (Q)
EcuadorQuitoUIOA157.167.12.0/24Miami (Q)
EgyptCairoCAIA157.167.81.0/24Paris (D)
El SalvadorSan SalvadorSALA157.167.13.0/24Miami (Q)
EstoniaTallinnTLLA157.167.49.0/24Frankfurt (B)
EthiopiaAddis AbabaADDA157.167.99.0/24Heathrow (A)
FijiSuvaSUVA157.167.41.0/24Sydney (M)
FinlandHelsinkiHELA85.115.63.0/24Stockholm (U)
French GuianaCayenneCAYA157.167.19.0/24Miami (Q)
French PolynesiaPapeetePPTA157.167.42.0/24Sydney (M)
GeorgiaTbilisiTBSA157.167.82.0/24Amsterdam (X)
GhanaAccraACCA157.167.100.0/24Heathrow (A)
GibraltarGibraltarGIBA157.167.53.0/24Heathrow (A)
GreeceAthensATHA157.167.65.0/24Dusseldorf (E)
GreenlandNuukGOHA157.167.127.0/24New York (NYCA)
GuatamalaGuatamala CityGUAA157.167.14.0/24Miami (Q)
GuyanaGeorgetownGEOA157.167.20.0/24Miami (Q)
HaitiPort-au-PrincePAPA157.167.121.0/24Miami (Q)
HondurasTegucigalpaTGUA157.167.15.0/24Miami (Q)
HungaryBudapestBUDA157.167.66.0/24Dusseldorf (E)
IcelandReykjavicKEFA157.167.43.0/24Amsterdam (X)
IndonesiaJakartaCGKA157.167.34.0/24Singapore (R)
IraqBaghdadBGWA157.167.83.0/24Frankfurt (B)
IrelandDublinDUBA157.167.54.0/24Heathrow (A)
IsraelJerusalemJRSA85.115.47.0/24Slough (J)
ItalyRomeITAA157.167.67.0/24Frankfurt (B)
Ivory CoastYamoussoukroASKA157.167.101.0/24Paris (D)
JamaicaKingstonKINA157.167.122.0/24Miami (Q)
JerseySaint HelierJERA157.167.55.0/24Heathrow (A)
JordanAmmanAMMA157.167.84.0/24Frankfurt (B)
KazakhstanNur-SultanALAA157.167.85.0/24Frankfurt (B)
KenyaNairobiWILA157.167.102.0/24Johannesburg (S)
KuwaitKuwait CityKWIA157.167.86.0/24Frankfurt (B)
LaosVientianeVTEA157.167.32.0/24Singapore (R)
LatviaRigaRIXA157.167.50.0/24Frankfurt (B)
LebanonBeirutLEBA157.167.87.0/24Frankfurt (B)
LiberiaMonroviaLIRA157.167.103.0/24Paris (D)
LithuaniaVilniusVNOA157.167.44.0/24Amsterdam (X)
LuxembourgLuxembourg CityLUXA157.167.95.0/24Frankfurt (B)
MacauMacauMFMA157.167.36.0/24Hong Kong (K)
MacedoniaSkopjeSKPA157.167.68.0/24Frankfurt (B)
MalaysiaKuala LumpurKLIA157.167.33.0/24Singapore (R)
MaldivesMaleMLEA157.167.88.0/24Singapore (R)
MaltaValettaMLAA157.167.104.0/24Frankfurt (B)
MauritiusPort LouisMRUA157.167.105.0/24Johannesburg (S)
MexicoMexico CityMEXA192.151.180.0/24Dallas (O)
MoldovaChisinauKIVA157.167.69.0/24Frankfurt (B)
MonacoMonte CarloMCMA157.167.106.0/24Frankfurt (B)
MongoliaUlaanbaatarULNA157.167.37.0/24Hong Kong (K)
MontenegroPodgoricaTGDA157.167.70.0/24Frankfurt (B)
MoroccoRabatRBAA157.167.107.0/24Paris (D)
MyanmarNaypyidawNYTA157.167.35.0/24Singapore (R)
NepalKathmanduKTMA157.167.89.0/24Singapore (R)
New ZealandWellingtonWLGA116.50.62.0/24Sydney (M)
NicaraguaManaguaMGAA192.151.181.0/24Miami (Q)
NigeriaAbujaABVA157.167.108.0/24Heathrow (A)
NorwayOsloOSLA85.115.45.0/24Amsterdam (X)
OmanMuscatMCTA157.167.90.0/24Mumbai (C)
PakistanIslamabadISBA157.167.91.0/24Frankfurt (B)
PanamaPanama CityPTYA157.167.16.0/24Miami (Q)
Papua New GuineaPort MoresbyPOMA157.167.40.0/24Sydney (M)
ParaguayAsuncionASUA157.167.21.0/24Sao Paolo (P)
PeruLimaLIMA157.167.22.0/24Sao Paolo (P)
PhilippinesManilaMNLA157.167.39.0/24Hong Kong (K)
PolandWarsawWAWB157.167.46.0/24Dusseldorf (E)
PortugalLisbonLISA157.167.56.0/24Paris (D)
Puerto RicoSan JuanSJUA157.167.123.0/24Miami (Q)
QatarDohaDOHA157.167.92.0/24Mumbai (C)
RomaniaBucharestARWA157.167.71.0/24Frankfurt (B)
RussiaMoscowMOWA157.167.51.0/24Frankfurt (B)
Saint Kitts and NevisBasseterreSKBA157.167.124.0/24Miami (Q)
San MarinoSan MarinoRMIA157.167.109.0/24Frankfurt (B)
Saudi ArabiaRiyadhRUHA157.167.93.0/24Paris (D)
SerbiaBelgradeBEGA157.167.72.0/24Frankfurt (B)
SlovakiaBratislavaBTSA157.167.73.0/24Frankfurt (B)
SloveniaLubljanaLJUA157.167.74.0/24Frankfurt (B)
South KoreaSeoulICNA157.167.26.0/24Tokyo (T)
SpainMadridMADA85.115.44.0/24Paris (D)
Sri LankaSri Jayawardenepura KotteCMBA157.167.94.0/24Mumbai (C)
SurinameParamariboPBMA157.167.23.0/24Miami (Q)
SwedenStockholmARNA157.167.47.0/24Dusseldorf (E)
SwitzerlandBernBRNA157.167.96.0/24Frankfurt (B)
TaiwanTaipeiTPEA157.167.38.0/24Hong Kong (K)
ThailandBangkokBKKA157.167.29.0/24Singapore (R)
Timor-LesteDiliDILA157.167.30.0/24Singapore (R)
Trinidad and TobagoPort of SpainPOSA157.167.125.0/24Miami (Q)
TunisiaTunisTUNA157.167.110.0/24Frankfurt (B)
TurkeyAnkaraESBA157.167.128.0/24Heathrow (A)
UkraineKievIEVA157.167.52.0/24Frankfurt (B)
UruguayMontevideoMVDA157.167.24.0/24Sao Paolo (P)
US Virgin IslandsCharlotte AmalieSTTA157.167.126.0/24Miami (Q)
VenezuelaCaracasCCSA157.167.25.0/24Sao Paolo (P)
VietnamHanoiHANA157.167.31.0/24Singapore (R)
YemenSana'aSAHA157.167.77.0/24Paris (D)
 

Notes:

  • Forcepoint cloud services use multiple IP addresses within the IP spaces listed above, based on product. For example, .150 and .211-.216 are used for the hybrid service, .180 and .201-.206 are used for the cloud service, and .190 is for email and hybrid web reporting. These examples are not exclusive; any IP address within the specified IP range can be used.
  • The following points of presence support web and email:
    • A | B | C | D | E | F | G | H | J | K | M | S
All other points of presence support web only.
  • For localized web results using EasyConnect services, configure Forcepoint NGFW to point the connection to the .180 address of the local point of presence (local PoP) address range for your chosen country.


Forcepoint Web Security Cloud

Forcepoint Web Security Cloud serves end-user web requests from the closest data center location between you and the service. Be sure to allow traffic through your firewall, to and from Forcepoint's IP ranges, on all ports listed below.

Ports to open:
  • Forcepoint Security Portal: 80 and 443
  • Forcepoint Web Security Cloud:
    • 8082 and 8081 if you are retrieving the PAC file and routing web traffic through the standard cloud web ports. (If you are using port 80 for the PAC file, you do not need to open these ports.)
    • 8087 if you are retrieving the PAC file via HTTPS. Port 8081 must also be opened for browsing. (If you are using port 443 for the HTTPS PAC file, you do not need to open these ports.)
    • 8006 if you are using single sign-on integration.
    • 8089 if you are using secure form authentication.
Note that further ports may be required in the future as new features are added to the service.

IPsec and GRE connectivity 

For a list of IP addresses for use with the IPsec Advanced and GRE services, see IP addresses for IPsec Advanced and GRE connectivity.
 

Forcepoint Email Security Cloud

Forcepoint Email Security Cloud uses customer-specific DNS records to route email from the cloud service to your email gateway, and from your email gateway back to the service. Once you complete the registration wizard, the details you entered are verified. When the security check is complete, you will receive a welcome message detailing your customer-specific DNS records and instructions for routing email.
 
Because Forcepoint Email Security Cloud is a hosted service, Forcepoint is responsible for managing system capacity. For this reason, we may occasionally choose to alter the route of your email within our service. To enable us to do this seamlessly without requiring you to make further changes, you must allow SMTP connections from all of the IP ranges listed above. To access the Forcepoint Security Portal, ensure that ports 80 and 443 are also permitted for these IP ranges.

Ports to open:
  • Forcepoint Security Portal: 80 and 443
  • Forcepoint Email Security Cloud: 25
We strongly recommend that you lock down your firewall to ensure that your mail servers only accept email from Forcepoint IP addresses. If you do not do this, then email can be maliciously routed directly to your mail servers, bypassing Forcepoint Email Security Cloud. For more information, see the Restricting connections to your mail servers in the Forcepoint Email Security Cloud Getting Started Guide.
 

Maintenance procedures

On occasion, Forcepoint carries out routine maintenance on its data center infrastructure. In order to minimize disruption, work is scheduled out of hours for the affected location wherever possible, and all services are failed over to alternative data centers where necessary. For information about procedures for maintenance to our network infrastructure, including information about how to test your redundancy and failover processes, see the knowledge article Cloud and hybrid extended maintenance procedures.





keywords: ip addresses; data centre; ranges; connection; ports; cluster; firewall; network; smtp
 

Article Feedback



Thank you for the feedback and comments.

Want 24/7 Tech Support?

Learn more