What are baseline rules and how do they work?
Baseline rules are rule templates that allow users to define their whitelist. For example, if a user defines their whitelist of IP addresses and a connection is attempted from an IP address not on the whitelist, an alert will be triggered.
What data can I define with baseline rules?
We offer baseline rules that allow users to define the following data:
Whitelist of allowed internal IP addresses Whitelist of allowed IP addresses for login Whitelist of allowed applications Whitelist of allowed O365 users Whitelist of allowed Windows users
How can I implement these rules?
To implement any of these rules, please send us your whitelist so that we can define your baseline rules accordingly.
For example, suppose a user wants to define a whitelist of allowed IP addresses for login. They can send us a list of IP addresses and we will define the corresponding baseline rule. If someone tries to log in from an IP address not on the whitelist, an alert will be triggered.
Similarly, if a user wants to define a whitelist of allowed O365 users, they can send us a list of email addresses and we will define the corresponding baseline rule. If someone tries to access O365 from an email address not on the whitelist, an alert will be triggered.
How can I get more information or request additional assistance?
To get more information or request additional assistance, please contact us and we'll be happy to help.
