The trusted IP address feature allows Appian Cloud customers to enable environment access based on the IP address of the incoming connection.

Enabling this feature:

• Allows companies and organizations to route access to Appian Cloud through a VPN or an office location's block of IP addresses, in the same manner as other intranet resources.
• Provides enhanced security that partially obscures the environment from being visible to the Internet.
• Secures the environment against disaffiliated or unaffiliated users who hold valid credentials, if they attempt access from a blocked IP address.

Trusted IP addresses are defined and enabled globally in Appian Cloud environments. Upon customer request, the environment can be configured to restrict access based on:

• IP address (e.g. 10.0.0.0)
• IP range (e.g. 10.0.0.0/24)

Once enabled, requests coming from an IP address not listed as trusted are not processed. Users cannot access your Appian environment unless their request originates from one of the approved sources.

Enabling trusted IP addresses

Appian Technical Support enables this functionality for the entire environment upon customer request.

If you use or plan to use DevOps Infrastructure or portals, Appian Support will need to add the Appian Cloud outbound IP addresses to the list of IPs you provide us. This will allow traffic originating from Appian Cloud in the regions in which your environments are hosted. You can enable Trusted IPs regardless of whether or not you use DevOps Infrastructure or portals.

To enable trusted IP addresses, create a support case and include:

• The IP addresses or block of IP addresses to be trusted.
• Whether you use or plan to use DevOps Infrastructure or portals in your environments.

Updating trusted IP addresses

• Updates to the list(s) of trusted IP addresses can be made by Appian Technical Support upon customer request.

Limitations

• A maximum of 500 distinct IP addresses or ranges may be configured for a single Appian Cloud environment. This includes any Appian Cloud outbound IP addresses used to enable DevOps Infrastructure.