IP restrictions
Add an additional layer of security by blocking all traffic by default and only allowing specific IP addresses to access the platform. In this article, you learn how to do this.
Introduction
IP restrictions or IP allowlisting is a way of giving access to the 3rdRisk platform to trusted individuals. With an IP allowlist, you can allow specific IP addresses to access the platform. If users are not accessing the platform from these specific IP addresses, they get a 403 forbidden message.
Combined with the platform's default security measures and SSO, this ensures a high level of protection against unauthorized access.
IP restrictions
Approach
IP restrictions are implemented by the 3rdRisk team. We are working on a feature to enable platform admins to implement IP restrictions.
Requirements
To implement IP restrictions, you must provide a list of IP addresses allowed to access the platform. At this moment it is not possible to implement IP restrictions by using IP ranges or IP subnet masks. These need to be converted to a list of IP addresses.
Not supported | Supported |
IP range: 104.192.143.1-104.192.143.5
| 104.192.143.1 104.192.143.2 104.192.143.3 104.192.143.4 104.192.143.5 |
IP subnet mask: 31.149.34.225/29 | 114.192.143.1 114.192.143.2 114.192.143.3 114.192.143.4 114.192.143.5 |
Process
The 3rdRisk partner coordinates the process of implementing IP restrictions. The 3rdRisk team will implement IP restrictions based on the input provided the partner. If no partner is involved, the 3rdRisk team will directly reach out to you.
1. Discuss IP restrictions
The first step is to discuss the need for implementing IP restrictions with your partner or the 3rdRisk team. By default, no IP restrictions are in place which means that all traffic is allowed to access the platform. Unless not feasible for your specific situation, we would always recommend implementing IP restrictions.
2. Complete intake form
The second step is to complete the intake form. You can download the intake form at the bottom of the page. The intake form consists of the following fields:
- Customer name: <insert name organisation>
- Partner name: <provide name partner organisation>
- Contact person: <provide contact person>
- Contact details: <insert contact details>
- Order number: <provide order reference number>
- Remark: <add a remark if necessary>
- List of IPs for allowlist: <add list of IPs for allowlist>
Please note that IP ranges and IP subnet masks are not supported.
3. Review and support
Your partner or the 3rdRisk team will support you with completing the intake form. After completion, your partner or the 3rdRisk team will review the intake form and get back to you in case of questions.
4. Implement
Implementation of the allowlist is done by the 3rdRisk team. After implementing the allowlist, the 3rdRisk team will contact you and ask you to verify whether you can still access the environment.
5. Approve
After a successful test, you are asked to approve the implementation of the IP restrictions formally.