Hi Morgan and Marysia ,

We checked the IP ranges for Freshfields Bruckhaus Deringer LLP group and found that as per following screen shot due to red mark ipv4 range this issue is occurred.

The range is start with 54.14.114.168 and end with 154.14.114.175. I assume this is typo mistake for ip 154.14.114.175.  The start IP range should start with 154 digit or End IP range should start with 54 digit

iprange.png 109 KB • Download

Please check and confirm.

Hi Harsh ​,

Great. Thanks for catching that. Marysia ​, I have turned off that IP address range. Could you please confirm what the correct range should be?

Martin ​, can we do something about the usage data? I really don't want this to show up in the client's usage reports.

Thanks,

Morgan

Morgan and Marysia : I am pretty sure that the correct IP begins with 154.*, because 154.* IP addresses originate from the U.K, whereas 54.* IP addresses are US-based.

Is it ok if we remove all usage data entries for that group from 6/23 until now? This would be the easiest way.

Thanks,
--Martin

Hi Martin ,

Ok. It may very well be a US-based IP, because Freshfields has several offices in the US, so I'll wait for Marysia to confirm the correct range.

I'd prefer a more precise correction of the data. This is a high volume account and there was probably legitimate usage that occurred during this period. Once Marysia confirms the correct range, could we please remove only the sessions that do not fall within an authorized range?

Thanks,

Morgan

HI Morgan and Martin,

I confirm the range is 154.14.114.168 - 154.14.114.175

Marysia

Also, have made the correction on their account.

Marysia

Great. Thanks Marysia . Could you confirm exactly when the IP addresses were updated so that Martin can isolate what sessions data needs to be corrected.

Thanks,

Morgan

June 23

Ok. Thanks Marysia .

Martin , could you please determine whether it's possible to cleanse session data between June 23 and June 30 of sessions where access came from IP address outside the authorized IP ranges. 

Thanks,

Morgan

Actually looks like I would have updated on 22 June and confirmed on 23rd.

Marysia

Morgan , I will work on isolating the erroneous sessions today, but will wait tonight for Harsh before removing them since I want to make sure they are properly removed.

Ok. Sounds good. Thanks Martin ​.

Note this can wait until Monday. I don't want to unduly interrupt your long weekend.

Morgan

Hi Harsh ,

See attached spreadsheet for the list of erroneous sessions that should be deleted.

What I did to get there:

Take a look at the "Sessions" tab, column R. The goal would be to remove any "FALSE" entries from the database.

Hopefully this spreadsheet will help you achieve that.

Thanks,
--Martin

SessionDetails_36.xlsm 299 KB • Download

Hi Martin ,

As per your attached sheet, We have removed false session data entries from Freshfields Bruckhaus Deringer LLP ' s group. 

Please check and confirm.

Hi Harsh ,

I believe we are looking good now, as their June sessions count are back within normal ranges:

image.png 22.6 KB • Download

Morgan : do you agree?

Thanks,
--Martin

Look good, Martin and Harsh . Thank you. Marking to-do complete.

Morgan