What links, target-services or target host-IPs need to be allowed for Metadefender Core to function accurately?
This article applies to all MetaDefender Core V5 releases deployed on Windows or Linux systems.
If you have installed, or if you wish to install or use, the MetaDefender Core system in a restricted environment, you will have to allow access to the following hosts' to ensure MetaDefender Core’s accurate functioning:
- https://activation.dl.opswat.com - this is for product activation/licensing.
- https://update.dl.opswat.com - this is for fetching engine/database updates.
Even though the OPSWAT update servers host updates for all of the available engines we support, the custom engines might occasionally try to connect to their own cloud for updates.
This can be disabled under Firewall, after which the engines will only be updated via OPSWAT.
Configure MD Core’s proxy configuration settings if applicable for update server and activation server URLs.
IP address based allowlisting might fail after some time, since OPSWAT employs a CDN (Content Delivery Network) to achieve faster updates globally, and the IP addresses of edge servers might change over time.
Since August 2023, we've migrated to AWS Cloudfront as our CDN for Update Servers. Depending on your location, you'll be directed to specific Edge Locations, each with its own unique IP ranges. Ensure you've allowed the correct Cloudfront IP ranges by referring to: https://ip-ranges.amazonaws.com/ip-ranges.json
If you have any difficulty Installing and Setting Up MetaDefender Core in a restricted environment, please follow these instructions on How To Create a Support Package, before creating a support case or chatting with our support engineer.