SAP Knowledge Base Article - Public

2658112 - Restrict or whitelist IP access to SFTP server to specified IP addresses only

Symptom

Request to restrict or deny (blacklist) or grant (whitelist) access to specific IP addresses only for SAP provided standard SFTP accounts

Environment

  • SAP SuccessFactors HXM Suite
  • SAP SuccessFactors Learning
  • SAP provisioned standard SFTP account or iContent account

Resolution

It is possible to apply for IP restriction to your SFTP accounts. Note IP whitelisting or denying is not available on data centers: DC 15,17,18,19.
SFTP IP restriction has nothing to do with BizX or LMS IP restriction and whitelisting internal IP addresses will be taken care by us so that it will not impact the communication between SuccessFactors and SFTP (Support team see internal memo).

Raise an incident ticket with component LOD-SF-PLT-FTPS (for BizX provided SFTP) or LOD-SF-LMS-PCM (for LMS provided SFTP or iContent accounts), and provide the following information:

  1. Company ID
  2. SFTP username
  3. Data Center and/or SFTP URL
  4. Correct IP addresses to whitelist/restrict

Note that if you fail to provide correct and complete IP addresses, it may impact your streamlined business process by denying access request to your SFTP account from the end point that is supposed to be allowed.

  • Request to whitelist an IP to SFTP:  this is only the case if there was a specific prior request to deny all other non-whitelisted IP addresses per username access to the SFTP and does not resolve or prevent any issues where particular user/system cannot log on to SFTP which may be due to internal safeguards (e.g. too many requests within certain period from same user/system may appear as DDOS attack and whitelisting will not resolve - see if access from another IP range allows and open incident to request Operations to unblock.)
  • Request to restrict or deny (blacklist) an IP to SFTP:  we can only whitelist IP addresses, but can set the SFTP access to deny all but whitelisted.

Keywords

SAP SF success factors sf bizx platform sftp learning lms icontent ip address addresses whitelist blacklist allow restrict deny Restriction Security access , KBA , LOD-SF-PLT-FTPS , SFTP Account Creation, Reset Password & Install SSH Service , LOD-SF-LMS-PCM , iContent , LOD-SF-LMS-PER , Application Latency/ Performance Issues , LOD-SF-PLT-SEC , Security & Permissions , How To

Product

SAP SuccessFactors HXM Suite all versions ; SAP SuccessFactors Learning all versions