Strict IP restriction (instance security hardening)
Use the glide.ip.authenticate.strict property to enable a strict set of IP addresses, such as DC and secure VPN, to access this instance.
More information
| Attribute | Description |
|---|---|
| Property name | glide.ip.authenticate.strict |
| Configuration type | System Properties (/sys_properties_list.do) |
| Configure in Instance Security Center | Yes |
| Purpose | Allows ServiceNow employees to access the instance only through secured set of IP ranges |
| Recommended value | true |
| Functional Impact | If this property is not enabled, ServiceNow employees can access the customer's instance through all the IP ranges. Enabling the property restricts access to a secure set of IP ranges (Secure VPN,
DC). Note: If you set this property to true, the ServiceNow AI Platform uses a more restrictive glide.ip.authenticate.allow.secured property instead of the Performance Monitoring IP restriction. This property cannot be
overridden.glide.ip.authenticate.allow.secured) property for a set of IP ranges that can access the instance. |
| Security risk | (Low) Unnecessary exposure of instance access to wider group of people. |
| Reference | IP range based authentication |
To learn more about adding or creating a system property, see Add a system property.
Note:
A deny all rule is needed to be added into IP access control to restrict access from any
IP's not added into IP access control. All required allowed IP's are then needed to be added
into IP access control.