Blumira Sensor Outbound Allowlisting and PCI Environment Handling

Google Cloud IPs and Google IPs must be added to an allowlist if performing IP-only allowlisting – last updated 2020-03-25.

Domains to Allowlist

Blumira leverages a number of Google Cloud Platform services to provide you with a scalable and efficient experience. Part of that is the utilization of broad domains that leverage private key authentication within the Google Cloud Platform. This means that if there’s an issue in one region, DNS can round robin to other available and routed IPs.

• mqtt.googleapis.com– HTTPS/443
  Your Sensor uses this to send telemetry up to Google and Blumira on it’s health and status.
• pubsub.googleapis.com – HTTPS/443
  Your Sensor encrypts and securely sends data up through this protocol using a private key created for your specific Sensor.
• storage.googleapis.com – HTTPS/443
  Your Sensor downloads Docker images from Google Storage that deploy new module functionality or gather your custom Docker Sensor image.
• gcr.io – HTTPS/443
  Your Sensor authenticates to the Google Container Repository using it’s private key to gather modules securely from storage.googleapis.com.

If you were able to add the above URLs/FQDNs to an allow list, you’re all set! If you require IP-based allowlisting, please refer to the attachment which contains line-separated CIDRs that must be added to an allow list. An IPv6 list is also provided for any IPv6 needs.

Blumira_Google_IPs_20200325_IPv4
100 KB Download

Blumira_Google_IPs_20200325_IPv6
2 KB Download

Sign Up For Your Free Account Today

Get your free account with Blumira and secure your Microsoft 365 environment in minutes. No credit card required