Sep 27 2018 07:40 AM
Hi,
I am currently evaluating CAS and I'm a little confused with regards to setting IP address ranges. I have read the CAS documentation on IP address ranges which makes sense, but when I create custom corporate ranges do I specify the internal ranges, e.g 10.0.0.0/16 or do I specify the IP addresses that users access the Internet from (egress Internet IP address on the proxy).
The reason that I ask is that if I look at Discover / IP addresses I can see the internal IP addresses of 10.0.0.0/16, but if I look in the activity log I only ever see the external IP addresses eg 40.114.136.114.
I can see that I can defined these IP address ranges in policies, such as Access Policies, but again these see to be using the external IP address not the internal non-internet routeable ones.
Can someone clarify this for me, as I think that only the external IPs used for Internet egress should be specified?
Kind regards,
Stuart
Sep 28 2018 04:40 AM
Please register both. As you see discovery data comes from your proxy/FW which can see your internal IPs. Most API connected apps see only your external IP. registering both will allow cloud app security to understand what IPs your users might come from normally.
Sep 29 2018 01:49 PM - edited Sep 29 2018 01:50 PM
SolutionHi,
You must configure all IP's that you have in your organization. From Internal, VPN and external.
The reasons for all address is when you're creating policies, making an investigation and need to view visibility. Also, the difference shown between all those IP's must be in the portal.
For example, the Affiliation (under account filters) that is either Internal or External to make sure from your users is coming.
Eli.
Sep 29 2018 01:49 PM - edited Sep 29 2018 01:50 PM
SolutionHi,
You must configure all IP's that you have in your organization. From Internal, VPN and external.
The reasons for all address is when you're creating policies, making an investigation and need to view visibility. Also, the difference shown between all those IP's must be in the portal.
For example, the Affiliation (under account filters) that is either Internal or External to make sure from your users is coming.
Eli.