- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
08-06-2024 02:07 AM
How does the security feature Allowed Sessions works via approved domains? Does it just reverse lookup the source IP?
BR
Dennis
08-06-2024 03:53 AM
Allowed sessions is to control who can login into the xdr console.
If you add your organization domain in allowed domains, then only users from that domain would be allowed.
E.g. I add abc.com as the allowed domains then any user login using user1@abc.com would be allowed whereas user1.xyz.com would not be able to access the xdr console.
Allowed Ips restricts logins by ip address ranges.
If you enable both, then it combination of domain and ip range.
So user1 has been to user1@abc.com and his connection to xdr console should be coming from the approved ip range
08-06-2024 03:53 AM
Allowed sessions is to control who can login into the xdr console.
If you add your organization domain in allowed domains, then only users from that domain would be allowed.
E.g. I add abc.com as the allowed domains then any user login using user1@abc.com would be allowed whereas user1.xyz.com would not be able to access the xdr console.
Allowed Ips restricts logins by ip address ranges.
If you enable both, then it combination of domain and ip range.
So user1 has been to user1@abc.com and his connection to xdr console should be coming from the approved ip range
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!