Network requirements for accessing Bindplane Cloud
This document describes the minimum outbound network access required for Bindplane Cloud usage, including collector connectivity and management traffic.
Firewall Requirements
The following firewall rules are required for accessing the Bindplane Cloud platform. This includes user browsers, API clients, and collectors.
app.bindplane.com
The primary endpoint for Bindplane Cloud is https://app.bindplane.com. This endpoint serves all user traffic including browsers, API clients, and managed collectors.
Protocols
The following operations access app.bindplane.com over port 443:
Collectors (OpAMP WebSocket)
User browsers (HTTPS and WebSocket)
API requests (HTTPS REST)
Your firewall and/or proxy must allow WebSocket upgrades.
Egress
Allow outbound access to Bindplane Cloud:
Host:
https://app.bindplane.com(TLS)IP:
34.120.255.184Port:
443/tcp
Note: IP addresses associated with app.bindplane.com can change in the future. If your environment supports it, prefer allowing outbound access by hostname (SNI/explicit proxy allowlist) rather than pinning a single IP. If you must pin IPs, ensure you have a process to update allowlists when the resolved IP changes.
Outbound access to Bindplane Cloud is required to support collector management.
Ingress
Bindplane Cloud does not require inbound access into customer networks. Collectors initiate outbound connections to Bindplane Cloud; Bindplane Cloud does not initiate inbound connections to collectors.
Other Endpoints
bdot.bindplane.com
Collector installation scripts utilize this endpoint for collector downloads. This endpoint utilizes HTTPS and does not require websocket.
Allow outbound access to Bindplane Cloud:
Host:
https://bdot.bindplane.com(TLS)IP:
34.36.182.107Port:
443/tcp
FAQ
Q: Does Bindplane use Transport Layer Security (TLS)? A: All connections to Bindplane cloud utilize Transport Layer Security (TLS).
Last updated
Was this helpful?