# Network Requirements

To use Seal, your environment must be able to reach the following domains over HTTPS. Ensure these are whitelisted in your firewall, proxy, or network policy.

## Core Seal Services (Always Required)

| Domain                          | Purpose                                              |
| ------------------------------- | ---------------------------------------------------- |
| `cli.sealsecurity.io`           | Configuration, fix rules, and project initialization |
| `authorization.sealsecurity.io` | Authentication and token validation                  |

## Seal Assets (Always Required)

| Domain                          | Purpose |
| ------------------------------- | ------- |
| `d2zko6i8myndc4.cloudfront.net` | Assets  |
| `d2yf0nsg4eo6kr.cloudfront.net` | Assets  |
| `d1xflzzelmcieu.cloudfront.net` | Reports |

## Seal Artifact Servers (Allow Based on Ecosystems in Use)

Allow the relevant artifact servers depending on which ecosystems are used in your environment:

| Domain                      | Ecosystem                 |
| --------------------------- | ------------------------- |
| `nuget.sealsecurity.io`     | .NET / NuGet              |
| `npm.sealsecurity.io`       | Node.js – npm, Yarn, PNPM |
| `pypi.sealsecurity.io`      | Python – pip, Poetry      |
| `maven.sealsecurity.io`     | Java – Maven, Gradle      |
| `go.sealsecurity.io`        | Go Modules                |
| `packagist.sealsecurity.io` | PHP – Composer            |
| `ruby.sealsecurity.io`      | Ruby – RubyGems / Bundler |
| `rpm.sealsecurity.io`       | RHEL / CentOS             |
| `deb.sealsecurity.io`       | Debian / Ubuntu           |
| `apk.sealsecurity.io`       | Alpine Linux              |