Sophos Central Admin: Sophos Central Engineering will be performing routine maintenance to Sophos Central on Saturday February 1, 2020 starting at 13:00 (UTC). For more info please see KBA 133402.

Whitelists and Pre-requisites (Destination FQDN, Flash)

A customer had the following queries :


1. List of IP / Domains to be whitelisted for incoming email : This would be the 2 IP's seen in Central along with specific domains if required.

2. List of IP / Destination FQDN to be whitelisted (in customers Web Proxy) in order for Training to properly load : Is '' the only one ?

3. List of workstation dependent pre-requisites - Does Flash need to be enabled or all training slides and videos are HTML5 based ?


Can you please confirm on questions 2. and 3. ?

  • Hi Anish,

    2. The way our training links work is that the link in the email is the same as the sender domain, so the initial request will be to that domain, which will then redirect to I don't think our domains are likely to be filtered by a web proxy, but you can certainly whitelist all of the sending domains and just to be safe.

    3. We do not use any Flash. Everything is video or HTML5.

    Let me know if you have any more questions.


  • In reply to Scott Epple:

    Thanks for that Scott !

    I do have another question. Following the above instructions will enable users to reach the initial landing page (attack domain website) and also get access to


    However, in case if I use Video Training, the page links to Vimeo Player where we host the video content. (Example:

    Now this particular customer cannot whitelist the entire '' domain. They are wondering if we maintain a list of URLs of videos hosted on Vimeo and if all these links can be shared ? I do understand that this will have to be a continuous process since we keep adding attack and training content regularly. 

    Can you please share the current list of Vimeo videos ? Do PM me if required.


    (Suggestion - KB article with all active video links).

  • In reply to Anish Deval:

    We are having the same issue. Was this ever resolved?