Because the Edge Encryption proxy
server resides in your network, it may be subject to vulnerability scans by your network
software. To prevent IP scanner or other requests from being forwarded to your ServiceNow instance, you can
blacklist IP addresses, IP ranges, or network masks. Any connection to the proxy server from
a blacklisted address is terminated and is not forwarded to your instance.
Role required: security_admin
To blacklist an IP address, you must be logged in to
your instance through the proxy server.
Important: Ensure that you understand your network topology before
blacklisting IP addresses in your network. If an IP address is added to the
blacklist, any user with that IP address will be blocked from accessing the Edge Encryption proxy
server.
-
Navigate to .
The Encryption Proxy IP Blacklists [edge_encryption_ip_blacklist] list
view opens.
-
Click New.
-
Complete the form.
Field |
Description |
Proxy server |
The Edge Encryption proxy server that is prevented from forwarding requests
from blacklisted addresses. |
IP, IP range, or net-mask |
Requests from this IP address, range, or network mask are
not forwarded to your ServiceNow instance. Example values include:
- IP address: 10.10.10.5
- IP range: 10.10.10.1-15
- Network mask: 10.10.10.0/24
|
Active |
Whether the record is active. Only IP addresses from
active records are prevented from sending requests to the
instance. |
Description |
Description of the blacklist record. |
-
Click Submit.
-
Repeat these steps for all other proxies for which an IP address should be
blacklisted.
The Edge Encryption proxy server terminates
any connection from a blacklisted IP addresses, range, or network mask and cannot
forward the request to the instance.