This document provides the list of domains which are required for seamless agent communication with the server.
Communication across remote offices is possible in two ways:
Roaming users directly contact the Patch cloud server. Since these users are constantly roaming, they can't be managed by a central server.
Therefore, the roaming agents should connect to these websites:
This domain will be used specifically by agents for communicating with the Patch Cloud Server.
This is the Server's URL. The Roaming Agent updates the patch status to the Patch Cloud Server. In order to contact the Patch Cloud Server, the Roaming Agent has to connect to patch.manageengine.com.
This website will have the latest patch information along with the download URLs. To find the missing patches during the scan process, the agent gets the latest patch details from the patch database, for which it has to connect to patchdb.manageengine.com.
The Roaming agent has to connect to patchdatabase.manageengine.com in order to download dependency patches from the Patch Manager Plus Server.
The Roaming Agent has to connect to dms.zoho.com, to perform on-demand operations. Say a user has added a new computer to the network, and he immediately wants to scan that computer. In that case, the user should perform an on-demand operation. So, the agent should connect to dms.zoho.com. By doing so, the user will be able to scan his systems immediately.
The DS should connect to us3-dms.zoho.com and us4-dms.zoho.com in order to perform the operations involved in installing the agents using local AD without being interrupted.
The Roaming agent should connect to downloads.zohocdn.com in order to download the new agent binaries that are required during upgrade process.
The agent should connect to files-me-accl.zoho.com to download files from the server.
Distribution Server is a component which allows you to download patch binaries from the respective vendor websites and distributes it to all the computers managed by it.
The DS should connect to these websites:
The agents which belong to remote office/WAN should connect to these domains:
This domain will be used specifically by agents and the DS for communicating with the Patch Cloud Server.
The replication of patches is done in the DS. The DS will then update the replication status to the Server, for which it has to connect to patch.manageengine.com.
The remote office/WAN agents will contact the Server to update the patch status. So it has to connect to patch.manageengine.com.
The DS gets the latest patch information from this website. It also downloads the patch binaries from the vendor's site through the download URL in this patchdb website. So it has to connect to patchdb.manageengine.com.
The DS has to connect to this website in order to download the dependency patches from the Patch Manager Plus Server.
The DS should connect to us3-dms.zoho.com and us4-dms.zoho.com in order to perform the operations involved in installing the agents using local AD without being interrupted.
The remote office/WAN agents should connect to this website to perform on-demand operations.
The DS should connect to downloads.zohocdn.com in order to download the new agent/DS binaries that are required during upgrade process.
The agent should connect to files-me-accl.zoho.com to download files from the server.
Here's the list of IP addresses that are required to be added to the whitelist
Follow the steps mentioned below to whitelist the IP for the domain downloads.zohocdn.com:
As IP changes periodically, there is a need to whitelist them regularly. To avoid this, it is advisable to whitelist the aforementioned IP's as downloads.zohocdn.com is a CDN server for which the IP will be resolved using a GeoDNS.