Skip to Content

Implement IP Restriction to Admin Roles/roles with Access to Sensitive Information?

Our IT team is requesting to apply IP restrictions to all System Admins and to force login via VPN to only this group, due their access to sensitive data.

It appears that the IP Restrictions can be applied only by configuring which are allowed, but not to block particular IPs or specific roles/users. Has anyone discovered a workaround using layered security protocols? For example, is it possible to achieve the desired result (access does not require VPN connection for all users except for system admins, which must connect to VPN when offsite) by applying IP restrictions and use SSO configuration to block users, or block access to the site for specific users internally using certificates only accessible when connected to VPN, etc...)?

Thank you

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Nov 28, 2018 at 06:36 PM

    have you checked this option

    https://launchpad.support.sap.com/#/notes/2089414

    but it cant be based on roles etc as you indicated.

    Add comment
    10|10000 characters needed characters exceeded

  • Dec 06, 2018 at 09:20 PM

    I did see this article, but it doesn't quite match the request of our IT group, unless they would add all IP addresses except those that are of the targeted admins., which seems too difficult to maintain.

    Add comment
    10|10000 characters needed characters exceeded