Enterprise DLP
Setup Prerequisites for Enterprise DLP Evidence Storage, Syslog Forwarding, and ICAP Forwarding
Table of Contents
Expand All
|
Collapse All
Enterprise DLP Docs
Setup Prerequisites for Enterprise DLP Evidence Storage, Syslog Forwarding, and ICAP Forwarding
Allow access to the IP addresses required for Enterprise Data Loss Prevention (E-DLP) Evidence
Storage, Syslog Forwarding, and ICAP Forwarding services.
Enterprise Data Loss Prevention (E-DLP) requires you to allow the same region-specific IP addresses on
your network for Evidence Storage, Syslog Forwarding, and ICAP Forwarding. If you have
already allowed these IP addresses for one service, you don't need to allow them again
for the others.
- Evidence Storage—Allow the IP addresses for the region or zone where Enterprise DLP scans traffic to— automatically store inspected files. To download stored files from your evidence storage bucket, you may also need to allow specific user IP addresses. If your organization uses a virtual private network (VPN), you must allow the subnets that can download files from your evidence storage bucket.
- Syslog Forwarding—Allow the IP addresses to forward Enterprise Data Loss Prevention (E-DLP) incident syslogs to your third-party security information and event management (SIEM), Security Orchestration, Automation and Response (SOAR), or other automated ticketing systems. This enables your SOC analysts and incident admins to triage, review, and resolve data security risks in your organization.
- ICAP Forwarding—Allow the IP addresses to integrate your existing on-premises third-party DLP solutions with Enterprise DLP using Internet Content Adaptation Protocol (ICAP). You can configure Enterprise DLP to forward inspected files to your on-premises ICAP server for further inspection while still leveraging the advanced inline ML-based detections that Enterprise DLP offers.
You must allow the Default IP addresses to successfully
connect to Enterprise DLP services. The region-specific IP addresses you need to
allow depend on the region or zone where Enterprise DLP scans traffic.
- Country IP Addresses
Region IP Address Date IntroducedAustralia13.54.198.248April 30, 202252.63.9.15434.87.236.168May 7, 2025Brazil56.124.6.8356.125.134.63November 10, 2025Canada15.222.125.234April 30, 202299.79.19.3334.118.182.133May 7, 2025France15.237.145.165April 30, 202213.36.207.21534.155.50.15May 7, 2025Germany3.123.172.116April 30, 202252.59.186.4235.198.73.41May 7, 2025India15.207.246.3April 30, 20223.108.103.21434.47.134.16May 7, 2025Japan3.115.43.201April 30, 202235.72.148.7735.74.96.3852.68.52.7734.84.142.203May 7, 2025Singapore13.228.151.58April 30, 202252.74.82.7734.142.217.106May 7, 2025Switzerland34.65.89.231June 13, 2025United Kingdom13.43.141.10April 30, 202218.169.44.22835.177.5.452.56.54.90(London, England) 35.197.230.50May 7, 2025(Default) United States of America3.230.176.219April 30, 20223.226.106.17318.190.146.2043.16.224.25334.223.123.7835.164.119.23052.27.148.9554.189.225.13634.135.174.89May 7, 202534.173.206.5234.172.74.25034.48.104.24435.197.73.22734.94.161.16534.66.246.16435.225.238.12435.223.231.16934.58.60.13035.238.28.6234.67.76.48104.154.217.1935.202.179.25334.123.101.142 - (Evidence Storage only) FedRAMP IP AddressesCountryIP AddressFedRAMP Impact LevelDate Introduced
United States 3.31.2.863.31.9.10715.205.197.250ModerateApril 30, 2022