Morro global file system is built on top of the public cloud infrastructure, such as AWS, Wasabi, Azure, etc. For the cloud-based file system to function, CacheDrive needs to access the cloud, needing to use only HTTPS (port 443) to communicate with cloud resources, so you must enable all HTTPS (port 443) outbound traffic.


Traditionally, administrators can help secure their network by restricting outbound connections to known trusted IP addresses, also known as whitelisting.  This was meant to prevent devices from accessing unauthorized sites. However, cloud services can be dynamic and scalable and are not necessarily at fixed IP addresses. It may grow address ranges as service grows. 


For Morro CacheDrive and Morro Edge devices, we strongly recommend against whitelisting outbound destinations by IP address.  While a given list of IP addresses may work today, there is no guarantee that they will continue to work tomorrow as Morro's cloud services and cloud storage providers continue to grow.  If the IP addresses for cloud storage or services change to the outside of the whitelisted range, access issues may arise.  


Instead of whitelisting IP addresses, we recommend using URLs instead. Please see the following lists of URLs used for the Morro Data Global File Services. As our service grows, the lists may be updated as needed. We reserve the right to update these lists without prior notice.


Amazon S3

To find the URL for your S3-based cloud storage, see the following article:


https://docs.aws.amazon.com/general/latest/gr/rande.html

https://aws.amazon.com/premiumsupport/knowledge-center/s3-find-ip-address-ranges/


For example, if your cloud storage uses S3 region us-west-1, the URL would be:


https://s3.us-west-1.amazonaws.com

https://*.s3.amazonaws.com

https://*.s3.us-west-1.amazonaws.com


Wasabi

To find the URL for your Wasabi-based cloud storage, see the following article:


https://wasabi-support.zendesk.com/hc/en-us/articles/360015106031-What-are-the-service-URLs-for-Wasabi-s-different-regions-


Morro Cloud Services

Morro uses the following destinations for outbound connections:


discovery.morrodata.com (device discovery)
smcd.morrodata.com (cloud server)
yoursubdomain.morrodata.com (MCM)
sqs.us-west-2.amazonaws.com (communication server)
mlock.morrodata.com   (RTC US West)
mlock-va.morrodata.com (RTC US East)
mlock-jp.morrodata.com (RTC Japan)
52.8.71.105 (remote support)

duujyvyqgknm1.cloudfront.net (firmware download)