04-16-2015 08:08 AM
So - CPPM 6.4 - Management port configured for internal network, Data port is public facing for the guest networks. We want to lock down administrative web UI access to CPPM from the Data port.
According to the CPPM hardening guide, you use the Administrative Access Control List set up in the Server Manager for the CPPM server. This is fine and works, but it is very labor intensive for our installation, as you have to whitelist desired subnets; we have a large number of subnets that are internal, and we want to allow admin access to CPPM from all. Because everything I want to block is facing the Data port and everything I want to allow is facing the Management port, is there a way to just disable all admin access to the Data port and allow all admin access to the Management port, regardless of subnet or IP address ranges?