- During development cycles or when testing new applications, you may need to temporarily allow all outbound traffic while still keeping an eye on communication patterns.
- If application issues arise that might be related to overly restrictive egress policies, temporarily unprotecting a VPC/VNet can help identify if security rules are causing the problem without losing visibility.
- When integrating new cloud services or third-party tools, you might need to allow broader access initially to discover all required endpoints before implementing targeted protection.
- Some compliance frameworks require traffic monitoring while allowing business operations to continue without restriction.
- To determine if protective filtering is causing latency issues, you might unprotect while continuing to monitor traffic patterns and performance metrics.
- The Default Deny Rule for this VPC/VNet will be removed, allowing all egress traffic to flow
- The VPC/VNet is removed from the Protected VPC/VNets SmartGroup and added back to the Monitored VPCs SmartGroup
- Any Permit protection rules you created are kept
- On the Security > Egress > Egress VPC/VNets tab, click the vertical ellipsis
next to a VPC/VNet that is currently protected. - Click Unprotect and Monitor.
- In the Unprotect and Monitor VPC/VNet dialog, select the I understand that <vpc/vnet name> will no longer be protected checkbox.
- Click Unprotect and Monitor.
- Observe new traffic patterns that might emerge with unrestricted access
- Identify any potential security concerns that warrant re-enabling protection
- Build more refined protection rules based on the actual traffic needs observed
- Document legitimate business traffic that should be explicitly allowed when protection is reapplied