💡 Improvement Proposal: Add Validity/Expiration Dates to Firewall IPs (GDC/RDC)
Hello Extreme Networks Community and Documentation Team,
With every new Firmware release or ExtremeCloud IQ (XIQ) update, the lists of IP addresses for Global Data Centers (GDC) and Regional Data Centers (RDC) are published as firewall requirements.
While including these lists is crucial, we have noticed a significant gap that creates operational overhead for many users who rely on static firewall rules:
The Challenge of Static IP Management
Currently, there is no information about the validity or expiration date associated with each IP entry.
For customers who maintain a strict security policy and must allow these addresses statically on their firewalls, the lack of an expiration date means manual, periodic review of the entire list with every new announcement, just to ensure nothing has changed or been removed.
The recent inclusion of a new port requirement (8090) demonstrated the importance of actively monitoring these changes, as they can catch administrators by surprise.
The Proposed Solution
To simplify maintenance and increase operational security for all customers, we propose an improvement in how this data is presented:
We request the inclusion of an additional column in the GDC/RDC IP tables indicating the date on which the specific IP address became valid (or the planned expiration date, if applicable).
Benefits:
Simplified Auditing: Allows administrators to quickly identify if an IP entry needs to be reviewed.
Reduced Errors: Minimizes the risk of stale or incorrect rules.
Best Practice: Aligns Extreme Networks documentation with common network infrastructure management best practices.
Thank you for your attention. I hope this suggestion can be considered for future release documentations.
Regards,
Raúl Carbonari
