- s3-us-east-2.amazonaws.com (tcp/443)
- 22.214.171.124 (tcp/443)
- 126.96.36.199 (tcp/443)
- Set the
- Or, add the following to config.json:
New: Enterprise Networking
Available in sensor version 1.2.4+
Red Canary CWP sensors rely on AWS S3 for communication and in some cases, it may not fit with an organization’s needs and strategy to expose outbound firewalls to large IP address ranges such as an entire AWS S3 region.
For these situations, new enterprise networking may be leveraged to connect to a more limited range of addresses. This allows you to connect to a single Red Canary domain, https://cwp-ingest.redcanary.io, for delivery of all telemetry and health and error reporting. This is available in any paid CWP account.
Currently, to configure enterprise networking, please first reach out to us to obtain your Outpost authentication token. You can request it via your dedicated Slack channel or contact us at email@example.com.
Add the following keys to /opt/redcanary/config.json. Both are required for enabling enterprise networking.
Once the new configuration is saved, restart the service for enterprise networking to take effect.
systemctl restart cfsvcd
Please allow-list https://cwp-ingest.redcanary.io.
If there are any issues, check the sensor log file for errors relating to
Outpost and reach out for support if needed. You can contact us in your dedicated Slack channel or at firstname.lastname@example.org.