How to Properly Whitelist the Liongard Platform

There are several forms of whitelisting which you may have to do with Liongard in order to fully leverage the platform. We have detailed each below, but if you have particular questions, please open a chat with Support.

On-Premises Agent & Self-Hosted Agent

If any of your networks heavily filter outbound traffic, you may need to whitelist some hosts in order for the Agent to send data back to Liongard. The Liongard Agent sends traffic outbound via HTTPS with a destination port of 443.

Please note 5 key URLs are used by the Agent and will need to be accessible in order for the Agent to properly function.

Find the URL below that closely matches your instance URL, whitelist it (replacing the question mark with the appropriate number) and whitelist the URLs shown under it.

aus?.app.liongard.com

  • sqs.ap-southeast-2.amazonaws.com
  • s3.ap-southeast-2.amazonaws.com
  • d2thwq4mlwsvm8.cloudfront.net
  • api.aus?.app.liongard.com (Replace the ? with the number listed in your Liongard URL. For example: api.aus1.app.liongard.com)

us?.app.liongard.com

  • sqs.us-west-2.amazonaws.com
  • s3.us-west-2.amazonaws.com
  • d2thwq4mlwsvm8.cloudfront.net
  • api.us?.app.liongard.com (Replace the ? with the number listed in your Liongard URL. For example: api.us1.app.liongard.com)

ca?.app.liongard.com

  • sqs.ca-central-1.amazonaws.com
  • s3.ca-central-1.amazonaws.com
  • d2thwq4mlwsvm8.cloudfront.net
  • api.ca?.app.liongard.com (Replace the ? with the number listed in your Liongard URL. For example: api.ca1.app.liongard.com)

uk?.app.liongard.com

  • sqs.eu-west-2.amazonaws.com
  • s3.eu-west-2.amazonaws.com
  • d2thwq4mlwsvm8.cloudfront.net
  • api.uk?.app.liongard.com (Replace the ? with the number listed in your Liongard URL. For example: api.uk1.app.liongard.com)

eu?.app.liongard.com

  • sqs.eu-central-1.amazonaws.com
  • s3.eu-central-1.amazonaws.com
  • d2thwq4mlwsvm8.cloudfront.net
  • api.eu?.app.liongard.com (Replace the ? with the number listed in your Liongard URL. For example: api.eu1.app.liongard.com)

sa?.app.liongard.com

  • sqs.sa-east-1.amazonaws.com
  • s3.sa-east-1.amazonaws.com
  • d2thwq4mlwsvm8.cloudfront.net
  • api.sa?.app.liongard.com (Replace the ? with the number listed in your Liongard URL. For example: api.sa1.app.liongard.com)

For Debugging Purposes:

Regardless of what region you are in, troubleshooting methods for debugging inspections may additionally require access to the following URL. If you need to engage in troubleshooting inspections or engage with Liongard Support, they may ask you to also whitelist this URL:

  • s3-us-west-2.amazonaws.com

Whitelisting for Integrations

If you are enforcing network security for tools like ConnectWise, IT Glue, AutoTask, etc. and you are using Liongard to populate those with documentation or have ticketing enabled, then it's important you whitelist the ingest processing IP address.

To find the IP address follow these steps:

  1. Log in to Liongard
  2. Click on your profile name in the upper right-hand corner of the Navigation Screen, and then select Account Settings
  3. In the Account Setting screen, click on the My Liongard Instance tab
  4. Finally, find the row in the table labeled Integrations IP Address. This is the IP address you need to whitelist for the application you are integrating with, depending on your specific setup.

Liongard Platform

If you want to whitelist the Liongard platform itself, for instance, if you want to allow your users access to it from your internal network, then, follow the steps outlined below:

  1. Log in to Liongard
  2. Click on your profile name in the upper right-hand corner of the navigation screen, and then, select Account Settings
  3. In the Account Settings screen, click on the My LiongardInstance tab
  4. Finally, find the row in the table labeled Application IP Address. This is the IP address you need to whitelist for the Liongard application itself.

Third-party Security Tools

Third-party security tools, such as ThreatLocker and Blackfog, are known to interfere with Liongard Agent communications. To avoid complications, ensure that you have whitelisted all necessary paths or set your software into "learning mode" before deploying the Liongard Agent.

The Liongard Agent must have access to c:\program files (x86)\liongardinc\liongardagent\jobs and c:\windows\system32\windowspowershell\v1.0


Did this page help you?