Docs » Administer Your Organization » Allow SignalFx services

Allow SignalFx services 🔗

SignalFx is composed of a number of different services. For organizations with more stringent networking security policies around sending data to third parties, you can use one of the following mechanisms to ensure access to the SignalFx services:

If your policies require that you identify static IP addresses, then choose one of the first two options.

Use a simple http/https proxy 🔗

If you can get out to the WWW via proxy, then this is your simplest option. collectd supports communicating over an https proxy, as does the SignalFx Gateway (formerly called the metric proxy).

Use the SignalFx Gateway 🔗

You can run the SignalFx Gateway itself (formerly called the metric proxy) in a DMZ.

Allow URLs through proxy 🔗

Note about realms

A realm is a self-contained deployment of SignalFx in which your organization is hosted. Different realms have different API endpoints (e.g. the endpoint for sending data is for the us1 realm, and for the eu0 realm).

Various statements in the instructions below include a YOUR_SIGNALFX_REALM placeholder that you should replace with the actual name of your realm. This realm name is shown on your profile page in SignalFx. If you do not include the realm name when specifying an endpoint, SignalFx will interpret it as pointing to the us0 realm.

If your organization’s networking security policies require services delivered over the Internet to be individually allowed, please ensure that the following URLs are allowed through your proxy:



Allow individual domains 🔗

If you are unable to allow all domains that match * or * as shown above, you can allow the following: