When we bought Siteshield, I had an assumption that we only Whitelist the Siteshield map IPs. I was then told based on our our usage that we need to whitelist:
22 CIDR (Siteshield)
17 CIDR (Secure Edge Staging Network)
15 IPs (CCU) [no-CIDR]
959 IPs (Performance / Monitoring / SLA Agents) [no-CIDR]
Q1) Why aren't the CCU and Secure Edge Staging Network IPs part of our Siteshield map?
Q2) Why no CIDRs are provided for Performance / Monitoring / SLA Agents?
Q3) What impacts will I face if I don't white-list Performance / Monitoring / SLA Agents ?
My network admins are resisting to add this big of an ACL citing performance impact. Any experience from existing customers deploying Siteshield?
I found this discussion but I'm not sure how they optimized the SLA agent list (I don't want to limit it to north america)