Thanks @franton !
This is one of those times where you need to tell your network / firewall admin that whitelisting by IP address is sooooo 1990s. In my talk I mentioned “next generation firewalls” that can deny or allow apps by their traffic signature.
I’d suggest asking the team in charge of the firewall whether they will accept a request to whitelist DOMAINS rather than address ranges. If they say they can’t, point out that a lot of cloud based apps use CDNs and Global Traffic Management (GTM) to shuffle through a huge range of ever-changing IP addresses. If they still can’t do this, appeal directly to the CIO (or through your director/VP) and inform them that you are alarmed because the network stack appears to be incapable of supporting modern security practices, and the institution is at risk of attacks due to outdated infrastructure.
IP addresses and ports do NOT tell the whole picture. A health care organization such as yours should care about being able to accurately monitor traffic going in and out of the network.
