Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Blacklist requests from an IP address in your network

Log in to subscribe to topics and get notified when content changes.

Blacklist requests from an IP address in your network

Because the Edge Encryption proxy server resides in your network, it may be subject to vulnerability scans by your network software. To prevent IP scanner or other requests from being forwarded to your ServiceNow instance, you can blacklist IP addresses, IP ranges, or network masks. Any connection to the proxy server from a blacklisted address is terminated and is not forwarded to your instance.

Before you begin

Role required: security_admin

To blacklist an IP address, you must be logged in to your instance through the proxy server.

Important: Ensure that you understand your network topology before blacklisting IP addresses in your network. If an IP address is added to the blacklist, any user with that IP address will be blocked from accessing the Edge Encryption proxy server.


  1. Navigate to Edge Encryption Configuration > Maintenance > Blacklist IP Addresses.
    The Encryption Proxy IP Blacklists [edge_encryption_ip_blacklist] list view opens.
  2. Click New.
  3. Complete the form.
    Field Description
    Proxy server The Edge Encryption proxy server that is prevented from forwarding requests from blacklisted addresses.
    IP, IP range, or net-mask Requests from this IP address, range, or network mask are not forwarded to your ServiceNow instance. Example values include:
    • IP address:
    • IP range:
    • Network mask:
    Active Whether the record is active. Only IP addresses from active records are prevented from sending requests to the instance.
    Description Description of the blacklist record.
  4. Click Submit.
  5. Repeat these steps for all other proxies for which an IP address should be blacklisted.


The Edge Encryption proxy server terminates any connection from a blacklisted IP addresses, range, or network mask and cannot forward the request to the instance.