- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2023 01:20 PM
Hello,
My company has a requirement to allow certain ip ranges and block all else. I added the ip ranges that are allowed in IP Address Access Control easily. The issue is how do I ensure all other ranges are blocked? It would be an exhaustive exercise to input all other ip ranges that I wish to block and I cannot imagine I am the first person to have this issue.
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2023 04:45 PM
Hey there,
Just a heads up - this may be more of an item for the 'NOW Platform' Product Hub, rather than the SecOps specific area (for Security Operations Applications).
To get you going though - what you describe, is the actual intent of employing IP Address Access Control, on the NOW Platform.
After your Allow Rules, you could in theory employ a Deny at the end for all IP Ranges (not within the Allowed List - e.g. 0.0.0.0 to 255.255.255.255) - with great attention to detail ensuring you don't lock out your own IP ranges 🙂
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0749055
You may also want to check out Adaptive Authentication and a Default Allow Policy.
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1124090
Posting on the 'NOW Platform' Product Hub would be best if you have more questions on this, for more accurate responses.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2023 04:45 PM
Hey there,
Just a heads up - this may be more of an item for the 'NOW Platform' Product Hub, rather than the SecOps specific area (for Security Operations Applications).
To get you going though - what you describe, is the actual intent of employing IP Address Access Control, on the NOW Platform.
After your Allow Rules, you could in theory employ a Deny at the end for all IP Ranges (not within the Allowed List - e.g. 0.0.0.0 to 255.255.255.255) - with great attention to detail ensuring you don't lock out your own IP ranges 🙂
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0749055
You may also want to check out Adaptive Authentication and a Default Allow Policy.
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1124090
Posting on the 'NOW Platform' Product Hub would be best if you have more questions on this, for more accurate responses.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-20-2023 07:02 AM
Hello,
Thanks for the feedback. SN Support also said to add all ranges to denied list. I tried it and it worked.