FactSet allow list

FactSet Desktop Workstation, Web Workstation, and Mobile must be able to communicate with https://*.factset.com on TCP port 443.

In addition to the above requirement:

• FactSet Desktop Workstation requires outbound-initiated connections to the FactSet owned subnet 164.55.224.0 (255.255.224.0) on TCP port 6672*

* Not web proxy aware and will need to be allowed on your edge firewall.



• FactSet Programmatic Environment (FPE) requires an outbound-initiated connection via a Secure WebSocket to wss://fpe.factset.com


• FactSet Web Workstation and FactSet 365 for Excel require an outbound-initiated connection via a Secure WebSocket to wss://rtgateway.factset.com


• Research Reports, available within Desktop Workstation and Web Workstation, require access to the below list of Research providers URLs on TCP port 443


• Bank of America - Merrill Lynch Research Reports:
• https://baml.com
• https://bankofamerica.com
• https://ml.com


• Barclays Research Reports:
• https://livestage.barcap.com
• https://liveqa.barcap.com
• https://live.barcap.com


• Citi Research Reports:
• https://uat.ir.citi.com
• https://ir.citi.com
• https://citiresearch.sc.omtrdc.net
• https://uat.citivelocity.com
• https://www.citivelocity.com


• Morgan Stanley Research Reports:
• https://ny.matrix.ms.com
• https://matrix.ms.com
• https://ny.matrix-uat.ms.com
• https://matrix-uat.ms.com
• https://morganstanley.com
• https://morganstanley.demdex.net
• https://researchportal.ms.com
• https://resportalqa.ms.com


• UBS Research Reports:
• https://neo.ubs.com
• https://ubstest.com

FactSet recommends that https://*.factset.com, wss://fpe.factset.com, wss://rtgateway.factset.com, the above list of Reseach provider URLs, and the below list of OCSP and CRL URLs are added to the allow list on all HTTPS inspection points, such as firewalls, web proxies, and VPN concentrators for optimal performance and to avoid FactSet traffic from being decrypted, scanned, or denied.

Security certificates are used to secure both the integrity of the installed files and to encrypt FactSet’s HTTPS traffic. The OCSP (Online Certificate Status Protocol) and CRL (Certificate Revocation List) URLs below are used by the Windows Cryptographic service to obtain the revocation status of the digital certificates used by FactSet. Windows periodically confirms the authenticity of all certificates by completing OCSP and CRL checks. If these requests are denied or delayed it will result in unnecessary delay or failure while using FactSet products.

FactSet Desktop Workstation must be able to access the following list of folders and files to run and function properly.

FactSet recommends that the below list of FactSet folders and files are added to the allow list on all endpoint security protection and user virtualization solutions for optimal performance and to avoid FactSet folders, processes, or traffic from being hook injected, decrypted, scanned, denied, quarantined, or deleted.

FactSet Desktop Workstation folders**

FactSet Desktop Workstation process list