Server-less incoming Web-hooks

Primary tabs

Caché

Hi,

Recently I have encountered a new issue, more and more 3rd party applications move to the cloud.

Web-hooks incoming from their sites can no longer be identified using a known and fixed IP address, so our customer's security department blocks them.

In past similar cases we use to grant access in the customer's Fire-Wall to the specified IP address - this is no longer applicable.

Has anyone else encountered this problem ? do you have any ideas ?

 

Thanks

 

 

Replies

Amiram,

Most higher end firewalls (Palo Alto, Cisco ASA, et al) will support whitelisting FQDNs.  In setting this up, be careful in your choice of DNS providers to preclude spoofing.  It may take some careful education and testing to get this accepted by your customer's network security team, but this is increasingly common practice with more and more web services being cloud-based and delivered with HA and DR across multiple data centers each having multiple numeric address ranges.

Cheers,

- Evan