Okta ThreatInsight settings –best practices
Okta's General Security offers two options in its Okta ThreatInsight settings section:
Action - Determines what action Okta ThreatInsight will take when threats are detected. Exempt Zones - Identifies network zones that should always be considered safe.
ThreatInsight uses a detected threat level to limit or block authentication requests from suspicious IP addresses. It can reduce risks associated with malicious activity without blocking legitimate users' access. In cases where ThreatInsight suspects malicious activity and detects a high threat level, it blocks authentication requests from the IP address.
Action
For the Action setting, specify that you want Okta ThreatInsight to Log and enforce security based on threat level.
Exempt Zones
All customers should identify the MSP-Okta infrastructure network zone as an Exempt Zone in Okta ThreatInsight to make sure Okta does not block critical Addova services, including Deep Linking.
Other configurations and requirements may require you to add other network zones to Okta ThreatInsight Exempt Zones; specific instructions are provided in context.