Dynamic Defense

How to Allow or Block an IP w/ IP Control

An IP allow list is a set of approved IP addresses that are granted access to a system or network, enhancing security by only permitting specified connections. An IP block list comprises restricted IP addresses, preventing them from accessing the system to mitigate potential threats or unauthorized access. 

To create an IP Control policy, follow the below steps:

1

Navigate to IP Control

Navigate to the IP Control security module: Policy > IP Control

IP control home page

2

Configure Your Policies

To begin allowing or blocking access to content based on specific IP Address, navigate to the left-hand side of the interface and select either "Allow List" or "Block List" by clicking the down arrow as shown below.

IP control allow and block drop down list

Once "Allow List" or "Block List" is selected, you will be able to add IP Address or Ranges of IP Addresses to your selected list by pressing the "Add External IP Address" button.

Allow List Add:
IP allow add

For each Allowed IP added, you will need to populate the following items within the UI

  • Direction - From My Network or From Internet
  • Type - Single, Range, or Subnet
  • IP Address
  • Description
Block List Add:
IP block add

For each Blocked IP added, you will need to populate the following items within the UI

  • Direction - From My Network or From Internet
  • Route - Source or Destination
  • Type - Singe, Range, or Subnet
  • IP Address
  • Description

Once the above information is specified for each allow and block respectively, press "Add" and your allowed or blocked IP will populate in the IP Control module. From here you can now proceed to Step 3 to apply your new policy.

3

Apply Your New Policy

Propagating configuration changes throughout the AT&T Dynamic Defense portal is a simple process.

Step 3a:

Making policy changes (e.g. adding, editing, or deleting policy rules) will be represented in a draft state shown on the right-hand side of the screen when the first policy edit is made. A draft will not be made active until you complete the remaining steps.

Policy draft created

Step 3b:

When ready to apply your new policy, move your mouse over the "Draft" button and click "Apply Policy" to activate the draft state. Activating the changes effectively pushes the configuration changes to the network embedded security to be applied across your AT&T Dedicated Internet connection.

Policy apply button

A prompt will appear asking if you are sure you want to continue. Here you can add any notes about the new policy and then select "Continue" to activate the policy.

Apply policy check screen

Step 3c:

After applying the policy, the Draft state will then convert into a Pending state as the policy is pushed over the network to be updated within the AT&T Dynamic Defense Service.

Policy apply is pending

Step 3d:

Once the policy is successfully updated within the AT&T Dynamic Defense Service the status will then be updated to an active state and a new notification will be populated to show success. 

Policy activated successfully

This Section

1
Navigate to IP Control
2
Configure Your Policies
3
Apply Your New Policy