Skip to content

Control access to SaaS apps

You can use Sophos ZTNA to control access to SaaS apps such as Salesforce and Dropbox.

Control access via IP allow lists on SaaS apps

You can allow trusted IP ranges directly from your SaaS apps.


Before you start, make sure that your SaaS app supports IP allow lists.

To configure access via IP allow lists on your SaaS app, do as follows:

  1. In Sophos Central, set up ZTNA and add the SaaS app as a resource. Assign user groups that need access to the resource. See Setup.

  2. On the SaaS app, allow the public IP address or IP range of the NAT interface, for example, the upstream firewall's IP range.

Now, users who are authorized to do so can access the SaaS app through the ZTNA gateway.