How to whitelist TruGrid outbound traffic on the firewall

TruGrid software does not require any INBOUND firewall access to function, however, TruGrid does require OUTBOUND access over TCP port 443 using HTTPS, in order to function.

The TruGrid outbound communication accesses various TruGrid Web Services. Restricting or denying outbound access to TruGrid software over TCP 443 will cause TruGrid to not function.

If you must deny or restrict outbound TCP 443 access in your network firewall, OS firewall, IPS / IDS systems, web proxies, antivirus, EDRs, etc., you must grant outbound TCP 443 access to TruGrid software, for the below list of TruGrid Web Services DNS names. Otherwise, TruGrid will not function.

If you have solutions that inspect or re-write SSL certificates, such as Zscaler, you must also add the below DNS list to your SSL Inspector BYPASS list; otherwise TruGrid will not function. As an alternative, or in addition, if your system supports a Bypassed URLs List, please add ws.trugrid.com and app.trugrid.com to your Bypassed URLs list.

List of External DNS Names that TruGrid communicates with over TCP 443 / HTTPS:
*.cloudapp.net
*.servicebus.windows.net
*.trugrid.com
*.trugrid.net
*.secureworkspace.io
*.trafficmanager.net,
*.azurewebsites.net
*.service.signalr.net
*.blob.core.windows.net
*.azurecontainer.io
*.azure-devices.net
*.onmicrosoft.com
*.windows.net
dc.applicationinsights.azure.com
dc.applicationinsights.microsoft.com
dc.services.visualstudio.com
dc.services.visualstudio.com
*.in.applicationinsights.azure.com
{your branded CNAME URL, if any}

If you need actual IP addresses instead of DNS names, Root Admin account owners can obtain the most current IP address list, using the IP Whitelist option.

Go to Company->Security Management->IP Whitelist and select Download


Selecting Download will allow you to select the file type CSV or JSON

Updated on: 05/11/2024