In the Security module, on the Restrict Access page, you can enable and define one or more IP addresses, or range of IP addresses that can access your Enterprise Admin Console. When enabled, only Enterprise Admins or Custom Admins using the defined IP addresses can access the Enterprise Admin Console.
By default, there are no restrictions by IP address to access the Enterprise Admin Console. The Enterprise Admin, or a Custom Admin with Security module privileges can enable or disable, and define IP address restrictions. When IP restrictions are defined, and then saved, the admin making the changed, and all other Enterprise admins are immediately logged out. If the admin making the IP restriction is not within one of the specified IP addresses, an alert message is displayed and the admin is returned to the Restrict Access page.
When enabled, if an admin attempts to log on to the Enterprise Admin Console from an IP address not within the specified list of allowable IP addresses, the log on is denied and the following message is displayed,
"Admin access to your domain is limited to specific IP addresses. Please login from a designated IP address."
The following illustration is an example of the Restrict Access page in the Security module with no IP address restrictions defined.
Enabling IP Address Restrictions
To enable and define IP address restrictions for your Enterprise Admin Console, complete the following steps.
- In the Security module on the Restrict Access page in the Enterprise Admin Console, click Enable IP Address based access. The Disable IP Address based access button and the IP Address Definition section is displayed.
- In the Start IP Address column, in the first row, enter the IP address, or starting IP address for a range, for example, 184.108.40.206.
- In the End IP Address column, enter the ending range, for example, 220.127.116.11. For restrictions to a single IP address, enter the same IP address in the Start IP Address field and the End IP Address field.
- In the Name column, optional enter a name for the IP address used in the Enterprise Admin Console, for example, Orlando Network.
- In the Description column, optionally enter a description for the IP address, for example, Orlando network center direct access.
- Click Add More to add a new row if needed.
- Click Save.
If the Enterprise Admin defining the IP address range is logged on to an IP address within that range, the IP address restrictions and the Restrict access details successfully saved message is displayed, and the IP address restrictions are enabled.
Disabling IP Address Restrictions
To disable IP address restrictions for your Enterprise Admin Console, click Disable IP Address based access as shown in the following illustration.
In addition to limiting access to Enterprise Admin Console by IP address, you may want to consider additional security options such as a more secure password policy, and using Single Sign-On. For more information, see Defining a Password Policy and Using Single Sign-On.