We’re excited to let you know that the IP firewall feature is now generally available for the Power Platform environments across all regions. This feature allows you to control access to Dataverse, enabling you to implement stricter security measures. With IP Firewall, Power Platform administrators can configure IP restrictions on each of the Power Platform environments, allowing access to Dataverse only from allowed IP ranges. This helps mitigate risks of insider exfiltrating the data and prevents token replay attack from restricted IP ranges. We hope this feature will help you keep your organizational data secure and protected.
When you configure the IP firewall on the Power Platform environment, it will only allow the requests from the configured IP ranges and reject all other requests, thereby allowing you to restrict the access to Dataverse.
Power Platform admins can enable IP restrictions on Power Platform environments (available only to the Managed Environments) individually via Power Platform admin Center, by default this feature is turned off.
Finally, your environment IP firewall settings will look like below.
Call to Action:
- Enable IP firewall in Audit-Only Mode: If you haven’t already, enable the IP firewall feature to protect your organizational data by limiting user access to Dataverse from only allowed IP ranges. You can learn more about how to enable this feature by visiting the following link: IP firewall in Power Platform environments – Power Platform | Microsoft Learn
- Review firewall audit logs: You can review the audit logs and It’s helpful when you’re configuring restrictions on a Power Platform environment. We recommend that you enable audit-only mode for at least a week and disable it only after careful review of the audit logs. IP firewall in Power Platform environments – Power Platform | Microsoft Learn
- Enable IP firewall in enforcement mode: Once you have tested the IP firewall in audit-only mode and reviewed the audit logs, you can go ahead and enable the IP firewall in enforcement mode.