Thomas Orozco - February 22, 2017

IP Filtering Made Easy With Enclave Endpoints

Lock down network access to your apps in a handful of clicks.

We’re proud to announce that as of this week, Enclave Endpoints support IP filtering. Using this new feature, you can restrict access to apps hosted on Enclave to a set of whitelisted IP addresses or networks and block other incoming incoming traffic.

Use Cases

While IP filtering is no substitute for strong authentication, this feature is useful to:

  • Further lock down access to sensitive apps and interfaces, such as admin dashboards or third party apps you’re hosting on Aptible for internal use only (e.g. Kibana, Sentry).

  • Restrict access to your apps and APIs to a set of trusted customers or data partners.

And if you’re hosting development apps on Aptible, IP filtering can also help you make sure no one outside your company can view your latest and greatest before you’re ready to release it the world.

Note that IP filtering only applies to Endpoints (i.e. traffic directed to your app), not to aptible ssh, aptible logs, and other backend access functionality provided by the Aptible CLI (this access is secured by strong mutual authentication, as we covered in our Q1 2017 webinar).

Getting Started with IP Filtering

IP filtering is configured via the Aptible Dashboard on a per-Endpoint basis.

2017-02-22 Blog Post IP Filtering

You can enable it when creating a new Endpoint, or after the fact for an existing Endpoint by editing it.

Enjoy! As usual, let us know if you have any feedback or questions!