Adobe Experience Platform

AmitRaghuwanshi · 12/6/22

Hi Team,

Is there a way by which we can restrict the Adobe Experience Cloud (AA, AT, AEP etc. ) Access within the company IP Range. So if a user try to access the Adobe Experience Cloud products outside corporate network they cant access it.

Please note - I know this can be achieved for Adobe campaign classic and AEP but my query is for the cloud based adobe products.

Please let me know how to achieve this?

With Regards, Amit Raghuwanshi

leocwlau · 12/7/22

Unfortunately, I believe your wish will never be fulfilled unless Adobe making on-premise option for AA/AT/AEP, which is a bit unlikely to happen.

On a different point of view, in the current SaaS and connected systems environment, it is getting harder and harder to lock everything, everyone has a smartphone with camera now. The security concern needs to supplemented with security awareness training, code of conduct, and putting trust to our members to do the right things, on top of technical security measurement.

View solution in original post

Avinash_Gupta_ · 12/6/22

Hi @AmitRaghuwanshi

IP based restriction is provided in some of the Adobe products like Adobe Analytics, Marketo. You can exclude data from specific IP addresses, such as internal website activities, site testing and employee usage, from your reports.

https://experienceleague.adobe.com/docs/analytics/admin/admin-tools/exclude-ip.html?lang=en

https://experienceleague.adobe.com/docs/marketo/using/product-docs/administration/additional-integra...

All the Adobe products are cloud based and Adobe has already take care of the security. In one of the article I have found that IP allowlisting is not required for outbound actions because Adobe cloud products run on servers with dynamically changing IP addresses. Additionally, third-party actions from are secured using an API key or token-based authentication, inaccordance with best security practices

Access Control : Adobe Experience Platform customers can use a robust set of access control capabilities to manage access to resources and workflows. Role-based access control ensures that only authorized users can access data and attribute-based access control enables administrators to
control access to specific objects and/or capabilities based on attributes.

Hope this helps.

AmitRaghuwanshi · 12/7/22

Hi @Avinash_Gupta_

As mentioned in my question, its more about accessing the Adobe Experience Cloud User interface and not related to the internal functionality example (e.g. Adobe analytics tracking etc) you gave in your response.

My ask is, it there a possibility if I want to restrict the user interface of Adobe Analytics like products in Adobe experience platform which should be accessible only from certain IP.

Let me know if you know anything regarding this? Thanks

With Regards,

Amit Raghuwanshi

Avinash_Gupta_ · 12/7/22

Hi Amit,

I don't think any such IP based restriction exist on Adobe Experience Cloud however reach out to Adobe support to get the answer.

leocwlau · 12/7/22

This is not really an out-of-the-box feature as Adobe Experience Cloud is created as a SaaS and accessible from Internet.

As a workaround, you can to enable Federate ID so user authenticate with your corporate authentication system where you limit only to authenticated from company network.

However, you are still able to create Adobe ID and give access to user so they can directly access from Internet.

AmitRaghuwanshi · 12/7/22

Hi @leocwlau,

Thank you for your reply.

Yes agree considering its Saas hence its hard to implement any solution from our side and that's why I wanted to check if Adobe has any internal IP based filtering ecosystem for each client accounts for such requirements.

Ideally federate ID based access is one of the option which we have already considered but its not a full proof solution. Users can still access the user interface via SSO out side corp network.

AEP coming into picture and contains the PII information, Adobe might need to think in this direction as a Employee can take the screenshot of clients personal information via AEP User interface on their personal machine and share it across. Such issues will create the huge issues for the Adobe clients.

With Regards,

Amit Raghuwanshi

leocwlau · 12/7/22

Unfortunately, I believe your wish will never be fulfilled unless Adobe making on-premise option for AA/AT/AEP, which is a bit unlikely to happen.

On a different point of view, in the current SaaS and connected systems environment, it is getting harder and harder to lock everything, everyone has a smartphone with camera now. The security concern needs to supplemented with security awareness training, code of conduct, and putting trust to our members to do the right things, on top of technical security measurement.

Adobe Experience Platform

How to restrict the Adobe Experience Cloud (AA, AT, AEP etc. ) Access within the company IP Range

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe