To be able to communicate with Lacework, installed agents must be allowed to reach the following URLs:
- S3-us-west-2.amazonaws.com : 443
- api.lacework.net : 443
If URLs cannot be used for rule writing, api.lacework.net resolves to the following rotating IPs:
- 34.212.241.15
- 34.212.79.17
- 52.43.136.187
- 34.209.102.252
- 35.164.176.181
- 52.35.54.98
If required, the agent can be configured to use a network proxy by adding proxy information to the configuration file or by creating a https_proxy environment variable.
Adding Proxy Information to the Lacework Agent Configuration
To include proxy information, edit the proxy url key:
{
“proxyurl”:”http://your.proxy.server:port”
}
Adding a https_proxy Environment Variable
From the shell on the host on which the agent resides, use the following command to add your proxy url:
$ export https_proxy=“http:your.proxy.server:port”
Or if your proxy requires a password:
$ export https_proxy=“http://username:password@your.proxy.server:port”
Adding a Certificate
Lacework uses GoDaddy as its Certificate Authority. If the GoDaddy certificate is not in trusted root store, the agent will not be able to communicate with Lacework. Most current Linux distributions include the required certificate by default. In certain older distributions, the certificate may need to be added.