Article ID: 87661
Article Type: Best Practices
Last Modified:
This article applies to Microsoft 365, Dynamics 365 and EntraID backups configured with additional single-tenant App registrations.
To ensure the highest level of security for your digital assets Commvault recommends:
In addition to applying Conditional Access policies, it is recommended to regularly monitor sign-in activity to detect any access attempts originating from IP addresses outside of the whitelisted range. This can help quickly identify potential security breaches or account compromises. If any unauthorized access is detected, immediately report the incident to Commvault Support for further investigation and remediation.
Known Bad Actor IP Addresses: As an additional security measure, be aware that the following IP addresses have been identified as associated with known malicious activity: 108.69.148.100, 128.92.80.210, 184.153.42.129, 108.6.189.53, and 159.242.42.20. These IP addresses should be explicitly blocked within your Conditional Access policies and monitored in your Azure sign-in logs. If any access attempts from these IPs are detected, please report the incident immediately to Commvault Support for further analysis and action.
Conditional Access Policies In order to implement a Conditional Access: Network assignment administrators will require IP ranges from both of the following documents:
Rotating Client Secrets Additional information on how to rotate and sync an App registration’s client secret can be found in the following documents: