Upsert® IP Restriction Manager

Boosted Security

Security matters. That's why we've revived SugarCRM's IP Restriction Manager with an adapted version of our own. The IP Restriction Manager allows administrators to limit the IP addresses and platforms that can be used to access Sugar. This can be done with any combination of user, team, and role by defining allowed IP addresses in your preferred format:

• Specific
• Wildcard
• CIDR
• Start-End

Key Benefits

Increased Security

Previously, the IP Restriction Manager only restricted access during authentication and token refreshes. This is problematic, as a user's IP could change during the session. It would also allow an attacker to gain access into the application if they have stolen an access token. We've corrected this by revamping the plugin to validate all authenticated requests.

Better Performance

We've revisited the user access checks and improved everything from code to queries so that user experience doesn't suffer. We've also implemented caching for faster requests.

New Configurations

We've added the following configurations:

• Disable the plugin at an administrative level
• Enable user restriction caching for faster performance
• Enable in-app logging for user troubleshooting

Neat and Tidy

Extra libraries no more! Because SugarCRM has updated the libraries they use, we no longer need to ship the Symfony HttpFoundation component library. You'll also find a new organizational approach to the code and its structure.

Check out the project on GitHub or our blog to learn more. You can download the plugin here.

System Requirements

Upsert^® IP Restriction Manager is compatible with:

• Sugar Sell, Serve, Enterprise, and Professional products
• Versions 12.0 and higher
• Hosted in SugarCloud or on site