Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown

Skip to main content



Allowlisting definition

Allowlisting is a security process in which users can only access a network, device, or system if they’re on a pre-approved list. It applies not only to people but also to applications, websites, or IP addresses. Allowlisting is the opposite of blocklisting — it allows approved users to operate on a system or network. It is a more trust-centric and secure approach than blocklisting. Allowlisting is like creating a VIP list. Anyone not on the list is not allowed entry to your network or device.

See also: blocklist, endpoint security

Allowlisting vs. blocklisting

Allowlisting is generally considered to be a safer solution than blocklisting. Blocklists work by letting everyone through except those who are on the list. This way, a yet unknown bad actor can get through your defenses. Allowlisting has stricter rules.

Allowlisting use cases

  • Network access control. One of the most popular uses of allowlisting is restricting access to a network. In such case, only pre-approved devices or users can connect. This can prevent unauthorized access to sensitive company information or resources.
  • Application control. Allowlisting can restrict the installation and execution of applications on a system. Only pre-approved applications will be allowed to run to prevent malware from infiltrating the system.
  • Website filtering. Allowlisting can stop network users from accessing websites that have not been pre-approved. Some companies use it to prevent employees from accessing non-work-related websites. Parents often do it to protect children from inappropriate content.
  • Email filtering. Allowlisting can also filter incoming email messages based on their sender to prevent phishing attacks and other email-based scams.
  • Device access control. Allowlisting can be used to restrict access to certain devices, such as USB drives or printers. This may also prevent unauthorized access or data theft.

Further reading

Ultimate digital security