Our IP Address Range Is Not Too Large

Our customers and their counterparties often question the size of the Files.com IP address block (which contains 4,096 addresses) when configuring firewall allow-lists, often expressing a preference for a single IP address.

We think that this concern is generally misguided and fails to appreciate that we are the largest cloud-based MFT vendor in the world, and that we operate with a high degree of security.

Files.com owns and exclusively operates the entire 198.72.80.0/20 IP block. All infrastructure in this range is production infrastructure managed by Files.com. No third-party systems or services exist within this range, and all traffic is Files.com platform traffic.

From a security perspective, allowing a subset of this range instead of the full range provides no meaningful risk reduction. Attempts to reduce the allow-list are unnecessary.

This range should be allow-listed in full for reliable operation.

Why We Require A Large Range

The Files.com platform operates across multiple global regions, each with multiple availability zones. We allocate portions of this IP range across those regions and zones to support high availability, load distribution, and failover during maintenance or outages. This requires having a large range with thousands of IP addresses.

Many of our customers have shared this document directly with internal security teams, network administrators, or external partners and vendors. It provides the necessary context to approve the firewall configuration.

Workaround: Custom Domains

There is a way to get two dedicated IP addresses, and that's by adding a custom domain to your site. This does effectively work around the large IP allow list, but it really isn't a good idea to add a custom domain solely for this purpose.

Sites using custom domains do not take advantage of Files.com’s geographically distributed architecture, which can reduce the performance of your site for all users.