Salesforce Developer Data Security Users Ip Restriction

salesforce-developer-data-security

// Salesforce - Developer - Data Security - Restrict Login Access by IP Address:

By default, Salesforce doesn't restrict the location or the times for login 
access. However, for added security, you can restrict both of these. For 
example, you might want to restrict the allowed range of IP addresses to those 
inside your corporate firewall, so employees can’t log in from other locations.

You can specify an IP address range for the entire organization or for specific 
user profiles, but the behavior is very different for each option. If you set 
the login IP range:

1. at the organization level—users who log in outside the set range are shown a 
   login challenge. If they complete the challenge question, typically by 
   entering an activation code sent to their mobile device or email address, 
   login access is granted. This method does not restrict access, entirely, for 
   users outside of the set IP range. The set IP range is called the “trusted” 
   IP range.

2. at the profile level—users outside the permitted range are always denied 
   access.

// To set a trusted login IP address range for the entire organization:

1. From Setup, enter Network Access in the Quick Find box, then select 
   Network Access.

2. Click New in the Login IP Range related list.

3. Enter the start and end point of the range of trusted IP addresses.

4. Click Save.

// To restrict the login IP address range for a profile:

1. From Setup, enter Profiles in the Quick Find box, then select Profiles.

2. Click the name of the profile you want to edit.

3. Click New in the Login IP Range related list.

4. Enter the start and end point of the range of allowed IP addresses.

5. Click Save.
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License