We recently published a blog, Operationalizing IP Allow Lists for Cloud Environments, talking about the process and phases for effective implementation of IP allow lists.

IP allow lists have traditionally been difficult to maintain without getting quickly out of date. We'd love to hear about your experiences.

• Do you use IP allows lists? For what, in which contexts?


• What do you use to mitigate compromised credentials? MFA? IP allow lists? other?


• Does Netskope's proxy architecture help you implement more effective IP allow lists?


• Was the blog post helpful or too high-level? Would it be useful to have more prescriptive examples (code) ?