IT Admins | How do I add Cirrus Insight to trusted/allowed lists?

Overview

IT departments should allow Cirrus Insight communications and connections to ensure users have full access and functionality.  The Cirrus Insight application, emails, IP addresses and API calls should be added to trusted/allowed lists. 

Many organizations do not need to perform this work, but if your environment requires any or all of the measures below, your IT department can implement these recommendations.

Email Delivery

Cirrus Insight uses email verification for account activation and password reset.  Additionally, there are system generated communications for training and updates.  To ensure Cirrus Insight emails are always delivered and never show up in your Junk Mail folder, your IT department can allow "cirrusinsight.com" and "zynbit.com" on the mail server.                     

Salesforce App Authentication

Salesforce has several mechanisms to prevent or allow connected apps to authenticate. Consult with your Salesforce Administrator if necessary.

Salesforce Login IP Ranges

Salesforce allows administrators to restrict the IP addresses that are allowed to log into their Salesforce environment.  If your org restricts Login IP Ranges, you will need to add Cirrus Insight’s list of IPs to your configuration.

 Implementing Login IP Ranges

• Contact Manager (Group, and Professional editions) - Login IP Ranges are found under Security Controls > Session Settings (This will apply globally to all users).
• Enterprise (Unlimited and Developer editions) - Login IP Ranges are managed on a per Profile basis, and will apply only to user’s with that Profile. Profiles can be managed from the Manage Users > Profiles section.
• For more information, see the following  Salesforce article:
  • What is the difference between Network Access, Session Settings, and Profile-Based IP Restrictions
  • Note: If using Login IP Ranges, disable the Session Setting “Enforce login IP ranges on every request” as it can create conflicts with OAuth connected apps.
    
    

Trusted Domains

Some companies have monitoring services with their company firewall, which can block internet traffic to and from certain domains.  This will automatically block inbound and outbound traffic for unrecognized domains.  Cirrus Insight for Outlook and Gmail use the domains listed below.

If you are experiencing issues related to Cirrus Insight logins, please share this document with your IT department and request they add the domains below to the trusted sites list.  For Outlook users, you can first try adding these Cirrus Insight domains to your trusted sites via internet Explorer.

The primary site for the Cirrus Insight web portal for both users and admins.

API used to authenticate to Cirrus Insight for user login and subscription; provide email tracking and web tracking data for each Cirrus Insight user; and request tracking pixels, link rewrites, email opens, link clicks, and contact web visitor history.

For Gmail and Outlook Web App users, this site retrieves API wrappers (basic UI protocols) for the Cirrus Insight Java Script plugins.

Web application hosting the Outlook web add-in.

Message server that allows the Sidebar to stay synchronized with the Outlook/Gmail email client.

Allows for in-app guides and enhanced product support.

Google service that reduces bandwidth usage and increases network performance.

Firewall IP Addresses

The following IP addresses should be allowed to pass through the firewall.

Chrome Extension (for Gmail)

Email Tracking

Proxy Servers

Some companies also use a proxy server to provide administrative control over internet content.  If your company uses a proxy server then the following exceptions for Cirrus Insight should be added:

Updated Jan. 2023