Skip to main content

Hello,

I am seeking assistance to exclude Automox from Crowdstrike Network Containment Policies, allowing the Automox agent to communicate with the cloud even when containment/isolation measures are in lift.

Crowdstrike Falcon presently accepts only IP ranges for Network Containment Policy input due to security concerns related to domain names, as detailed here: Crowdstrike Discussion.

Automox provides a list of URLs used for agent-cloud communication, outlined in this guide: Automox Agent Firewall Allowlisting Rules. I am exploring methods to obtain Automox Cloud's IP range for exclusion. Would it enough to use the IP result from "nslookup api.automox.com"? Please give some advice, many thanks!

Best regards.

Did you ever get an answer @jake.g ?


Reply