Network zones

A network zone is a configurable boundary that you can use to grant or restrict access to computers and devices in your organization based on the IP address that is requesting access. You can define a network zone by specifying one or more individual IP addresses, by specifying one or more ranges of IP addresses, or by specifying one or more geographic locations.

After you define one or more network zones, you can use them in Okta sign-on policies, app sign-on policies, VPN notifications, and routing rules.

About network zones
Learn about the types of network zones you can create and how they can be used.
Generate a Proxy IP report
Prepare for creating network zones by generating a list of the IP addresses used as proxies in your organization.
Configure network zones
Create network zones based on IP addresses, proxy types, geographical locations, or autonomous system numbers (ASN).
Manage network zones
Modify, delete, or deactivate network zones.
Add IPs to a network zone from the System Log
Add an IP address to a zone from an event recorded in the System Log.
Add a network zone to Okta sign-on policies
Use network zones to allow or deny access in Okta sign-on policy rules.
Define a network zone for IWA
Define a network zone for working with Integrated Windows Authentication agents.
Network zones FAQs
Get answers to common questions about network zones.