Administrators and User Managers can create IP Allow Lists, which allow access to Skyhigh CASB from a defined list of IP addresses only. This feature supports SAML and non-SAML workflows.
IP Allow Lists can list IP addresses as comma-separated values, subnet-level ranges, or using Classless Inter-Domain Routing (CIDR) notation.
- 10.2.4.0-10.2.4.254 is acceptable
- 10.2.4.0-10.2.5.254 is not acceptable
- CIDR IP Range smaller than /24 is not supported and the IP ranges /24 and greater are supported. For example:
- 10.2.5.0/24 is supported
- 10.2.5.0/25 is supported
- 10.2.5.0/23 is not supported
- The IP Allow List must include your current IP address. If you save a new IP Allow List without including your current IP address, you will no longer be able to log into Skyhigh CASB after logging out. If you do lose the ability to log in, contact Skyhigh Security Support.
To create an IP Allow List:
- Go to Settings > User Management > IP Allow List.
- Toggle Enable IP Allow List to ON.
- Under IPs, enter your supported IP addresses as comma-separated values, or as a range of IP addresses. Make sure to include your current IP address.
- Click Save.