Network & Connectivity
Monozu Cloud is hosted by Monozu at cloud.monozu.io. Your organization does not deploy the cloud stack. Edge appliances at your sites are supplied by Monozu; this page lists what your network team must allow for browsers, those appliances, and optional integrations. For on-site setup, see Connect & Register.
Public endpoints
Section titled “Public endpoints”Allow outbound HTTPS from your site and from user workstations to:
| Host | Used by | Purpose |
|---|---|---|
cloud.monozu.io | Browsers, edge appliances | Web app, control plane (registration, config, commands) |
ingest.cloud.monozu.io | Edge appliances | Telemetry, logs, alerts, discovery uploads |
| VPN Hub hostname (provided at onboarding) | Edge appliances, VPN clients | WireGuard remote access |
The exact VPN Hub hostname is provided by Monozu during onboarding and may appear in Settings for your tenant.
Traffic direction
Section titled “Traffic direction”| Source | Destination | Protocol | Notes |
|---|---|---|---|
| Edge appliance | Cloud hosts above | HTTPS (443) | Always outbound from customer site |
| Edge appliance | VPN Hub | WireGuard (UDP) | Outbound; no inbound port forwarding on the appliance |
| User browser | cloud.monozu.io | HTTPS (443) | Standard web access |
| User browser | Cloud | WSS (443) | Real-time VPN session status and security alert inbox |
Corporate proxy and TLS inspection
Section titled “Corporate proxy and TLS inspection”- Browsers and edge appliances must trust the certificate chain presented by Monozu endpoints.
- If you terminate TLS on a corporate proxy, allowlist the hosts above or configure the proxy to pass through without breaking certificate pinning used by the edge agent.
- Test from a representative VLAN after any proxy policy change.
Ensure forward DNS resolution works for all hosts your deployment uses. Blocklists or split-horizon DNS that resolve Monozu hosts to incorrect IPs will break registration and ingest.
Data isolation (organizational)
Section titled “Data isolation (organizational)”Each customer organization (tenant) has separate data in Monozu Cloud. Users only see assets, incidents, and settings for their tenant. Cross-tenant access is not available to tenant administrators.