How to restrict the Adobe Experience Cloud (AA, AT, AEP etc. ) Access within the company IP Range | Community
Skip to main content
AmitRaghuwanshi
AmitRaghuwanshi
Level 3
December 6, 2022
Solved

How to restrict the Adobe Experience Cloud (AA, AT, AEP etc. ) Access within the company IP Range

  • December 6, 2022
  • 2 replies
  • 2724 views

Hi Team,

 

Is there a way by which we can restrict the Adobe Experience Cloud (AA, AT, AEP etc. ) Access within the company IP Range. So if a user try to access the Adobe Experience Cloud products outside corporate network they cant access it.

 

Please note - I know this can be achieved for Adobe campaign classic and AEP but my query is for the cloud based adobe products.

 

Please let me know how to achieve this?

 

With Regards, Amit Raghuwanshi

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by leocwlau

Unfortunately, I believe your wish will never be fulfilled unless Adobe making on-premise option for AA/AT/AEP, which is a bit unlikely to happen.

On a different point of view, in the current SaaS and connected systems environment, it is getting harder and harder to lock everything, everyone has a smartphone with camera now. The security concern needs to supplemented with security awareness training, code of conduct, and putting trust to our members to do the right things, on top of technical security measurement.

2 replies

Avinash_Gupta_
Community Advisor and Adobe Champion
Avinash_Gupta_Community Advisor and Adobe Champion
Community Advisor and Adobe Champion
December 7, 2022

Hi @amitraghuwanshi 

 

IP based restriction is provided in some of the Adobe products like Adobe Analytics, Marketo. You can exclude data from specific IP addresses, such as internal website activities, site testing and employee usage, from your reports.

 

https://experienceleague.adobe.com/docs/analytics/admin/admin-tools/exclude-ip.html?lang=en 

https://experienceleague.adobe.com/docs/marketo/using/product-docs/administration/additional-integrations/create-an-allowlist-for-ip-based-api-access.html?lang=en 

 

All the Adobe products are cloud based and Adobe has already take care of the security. In one of the article I have found that IP allowlisting is not required for outbound actions because Adobe cloud products run on servers with dynamically changing IP addresses. Additionally, third-party actions from are secured using an API key or token-based authentication, inaccordance with best security practices

 

Access Control : Adobe Experience Platform customers can use a robust set of access control capabilities to manage access to resources and workflows. Role-based access control ensures that only authorized users can access data and attribute-based access control enables administrators to
control access to specific objects and/or capabilities based on attributes.

 

Hope this helps.

    AmitRaghuwanshi
    AmitRaghuwanshiAuthor
    Level 3
    December 7, 2022

    Hi @avinash_gupta_ 

     

    As mentioned in my question, its more about accessing the Adobe Experience Cloud User interface and not related to the internal functionality example (e.g. Adobe analytics tracking etc) you gave in your response. 

     

    My ask is, it there a possibility if I want to restrict the user interface of Adobe Analytics like products in Adobe experience platform which should be accessible only from certain IP.

     

    Let me know if you know anything regarding this? Thanks

     

    With Regards,

    Amit Raghuwanshi

      Avinash_Gupta_
      Community Advisor and Adobe Champion
      Avinash_Gupta_Community Advisor and Adobe Champion
      Community Advisor and Adobe Champion
      December 7, 2022

      Hi Amit,

       

      I don't think any such IP based restriction exist on Adobe Experience Cloud however reach out to Adobe support to get the answer.

       

        leocwlau
        Community Advisor and Adobe Champion
        leocwlauCommunity Advisor and Adobe Champion
        Community Advisor and Adobe Champion
        December 7, 2022

        This is not really an out-of-the-box feature as Adobe Experience Cloud is created as a SaaS and accessible from Internet.

        As a workaround, you can to enable Federate ID so user authenticate with your corporate authentication system where you limit only to authenticated from company network.

        However, you are still able to create Adobe ID and give access to user so they can directly access from Internet.

          AmitRaghuwanshi
          AmitRaghuwanshiAuthor
          Level 3
          December 7, 2022

          Hi @leocwlau,

           

          Thank you for your reply.

           

          Yes agree considering its Saas hence its hard to implement any solution from our side and that's why I wanted to check if Adobe has any internal IP based filtering  ecosystem for each client accounts for such requirements.

           

          Ideally federate ID based access is one of the option which we have already considered but its not a full proof solution. Users can still access the user interface via SSO out side corp network.

           

          AEP coming into picture and contains the PII information, Adobe might need to think in this direction as a Employee can take the screenshot of clients personal information via AEP User interface on their personal machine and share it across. Such issues will create the huge issues for the Adobe clients.

           

          With Regards,

          Amit Raghuwanshi

            leocwlau
            Community Advisor and Adobe Champion
            leocwlauCommunity Advisor and Adobe ChampionAccepted solution
            Community Advisor and Adobe Champion
            December 7, 2022

            Unfortunately, I believe your wish will never be fulfilled unless Adobe making on-premise option for AA/AT/AEP, which is a bit unlikely to happen.

            On a different point of view, in the current SaaS and connected systems environment, it is getting harder and harder to lock everything, everyone has a smartphone with camera now. The security concern needs to supplemented with security awareness training, code of conduct, and putting trust to our members to do the right things, on top of technical security measurement.

              Terms & ConditionsAccessibility statement

              Loading footer...