Prepare the Environment for Lacework

Preparing your environment for Lacework typically requires a few configuration adjustments, as described in this topic.

Lacework IPs

Lacework may attempt to connect to endpoints in your environment for various purposes, including for alerting (such as alerting through a web hook) or for image vulnerability scans of container registries.

To prepare your environment for Lacework, you need to configure any allow-lists to permit inbound connections from Lacework for the IP addresses listed in the following sections.

Region-Specific IPs

US

208.85.38  
165.121.10  
165.62.149
165.83.150  
166.181.157  
93.121.192/26
231.201.69
42.2.33
43.197.121  
88.113.199
200.230.179
203.18.234
213.7.200

EU

75.192.192/26
121.245.162
184.141.112
193.166.115

APAC

3.27.79.192/26

Lacework IaC IPs

The following IPs are only required for Lacework Infrastructure As Code (IaC) Security.

102.142.169
107.222.15
107.205.17
107.179.205

Outbound FQDN

If your Lacework Console users need to connect to Lacework from a firewalled environment, you must configure your allow-lists to permit outbound HTTP traffic to the following domains:

updates.lacework.net
*.lacework.net
*.lacework.com
docs.lacework.net
app.launchdarkly.com
events.launchdarkly.com
clientstream.launchdarkly.com

Lacework IPs​

Region-Specific IPs​

US​

EU​

APAC​

Lacework IaC IPs​

Outbound FQDN​

Lacework IPs

Region-Specific IPs

US

EU

APAC

Lacework IaC IPs

Outbound FQDN