Zero-trust region policies

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Zero-trust region policies

L0 Member

We are testing out using a Zero-trust policy to block traffic to and from all regions but a few known good or needed regions. I am running into issues with Microsoft, AWS websites and services that roll to different data centers and IPs around the globe. Does anyone have any suggestions to allow traffic to these sites and services without having to manage a large list of IPs or sites?

 

 

1 REPLY 1

Cyber Elite
Cyber Elite

@drischar,

You'll likely end up making use of multiple solutions depending on what you are doing and what services you are actually trying to keep updated. Some things you'll be perfectly fine using custom URL categories, others are better off being managed through an EDL powered by something like MIneMeld, others can be solved through FQDN objects, and others you may actually need to keep updated through the API and scripting something to automate the process. 

  • 1582 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!