DLP ICAP Requirements
Looking for the latest changes?
Changelog.
- In order to ensure that the Zscaler service can communicate with your DLP server using Internet Content Adaptation Protocol (ICAP), you must configure your firewall to allow the traffic described below.
Service | Source | Destination | Description |
---|---|---|---|
TCP/1344 (ICAP) | Zscaler Enforcement Nodes (ZEN) on FCC Cloud | Customer DLP Server Public IP | Traffic sent by the Zscaler service to customer’s public-facing appliance (DLP server or Load Balancer) using ICAP |
TCP/11344 (ICAPs) | Zscaler Enforcement Nodes (ZEN) on FCC Cloud | Customer DLP Server Public IP | Traffic sent by the Zscaler service to customer’s public-facing appliance (DLP server or Load Balancer) using ICAPs * |
* ICAPs requires a third-party application (s-tunnel or other similar applications) to decrypt the traffic.
ZEN IP Addresses on FCC Cloud
Required IP Addresses |
---|
104.129.192.118 to 104.129.192.126 |
165.225.72.138 to 165.225.72.146 |
199.168.148.90 |