Corporate Network Configuration for CENTRL

 Network Configuration for application usage

All CENTRL users are advised to whitelist CENTRL's applications and URLs since some company firewalls, Data Loss Prevention (DLP), and/or Endpoint Protection (EP) might block its usage. Application whitelisting provides indexing of approved software applications that are permitted to be present and active on a computer system.

Palo Alto Networks

WebSense

CENTRL and Third-party URLs

Palo Alto Networks

It is highly recommended that a decryption exception is specified for usage of the CENTRL application.

Reference:  https://docs.paloaltonetworks.com/pan-os/7-1/pan-os-admin/decryption/configure-decryption-exceptions

Clients have reported issues due to the limitation of Palo Alto Networks “SSL decrypt exclude cache and unsupported ECDHE cipher suites” which requires an SSL bypass

Reference:  https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClfGCAS

Depending on the software version and updated version of the categorization engine determines the categorization of the URLs.  It is recommended that the URLs be manually categorized which provides correct access.

WebSense

It is highly recommended that a decryption exception is specified for usage of the CENTRL application.

Reference: https://www.websense.com/content/support/library/web/hosted/admin_guide/ssl_bypass.aspx

Depending on the software version and updated version of the categorization engine determines the categorization of the URLs. It is recommended that the URLs be manually categorized which provides correct access.

CENTRL and Third-Party URLs

 The list below is not exhaustive but includes the majority of the URLs in use. The list is subject to change.

 This will enable users to access and download content from these URLs without being blocked or flagged.

Production

*.oncentrl.com (It is highly recommended that a wildcard be used for maximum coverage)

http://www.oncentrl.com/

https://www.oncentrl.com/

http://web.oncentrl.com

https://web.oncentrl.com

https://analytics.oncentrl.com

https://auth.oncentrl.com

https://app.oncentrl.com

https://dsar.oncentrl.com

https://supportcenter.oncentrl.com/

https://pw4fraa4w4ghupkn.s3.us-west-2.amazonaws.com/

Third-Party Web and Application URLs

*.appcues.net                         In-Application Onboarding Assistance

*.zopim.com                           In-Application Support Chat

www.google-analytics.com       Google Analytics  

*.pingdom.net                        In-application Performance Monitoring

 Sandbox

*.oncentrl.net (It is highly recommended that a wildcard be used for maximum coverage)

https://sandbox.oncentrl.net

https://sandboxanalytics.oncentrl.net 

https://sandboxapp.oncentrl.net

https://sandboxauth.oncentrl.net

https://sandboxdsar.oncentrl.net

https://supportcenter.oncentrl.com/

https://jw3frab4s4ghupkx.s3.us-west-2.amazonaws.com/

Third-Party Web and Application URLs

*.appcues.net                         In-Application Onboarding Assistance

*.zopim.com                           In-Application Support Chat

www.google-analytics.com       Google Analytics  

*.pingdom.net                        In-application Performance Monitoring