We are excited to announce the release of IP Filtering for Neo4j Aura's Virtual Dedicated Cloud (VDC) and Business Critical (BC) tiers. This powerful new feature allows Aura users to control network access to their AuraDB graph databases by specifying which IP address ranges are permitted. With IP Filtering, you can enhance your network security while keeping your deployment straightforward and easy to manage.

Built on a Strong Security Foundation

Neo4j Aura already supports multiple models for securing database network access.

If you enable public access, your instance is reachable over the public internet by users who authenticate with the correct credentials.

If you prefer a fully private setup, you can disable public access and connect using private endpoints. These endpoints are network interfaces created inside your own VPC. They use your cloud provider's internal network to connect directly to Aura. This keeps your traffic off the public internet and ensures that only systems inside your network can reach the database.

You can also use a hybrid model, enabling both public and private access depending on your architecture and requirements. In a hybrid model, Aura IP Filtering can be applied to the public access points.

While private endpoints offer strong protections, they also require cloud-side setup. You must configure networking, assign internal IPs, manage DNS records, and maintain those resources. This can add operational overhead, especially for teams that want to move fast or work across different environments.

IP Filtering Offers a Streamlined Alternative

IP Filtering gives you the ability to restrict access to your Aura instances based on IP address ranges, without requiring any changes to your cloud infrastructure. You do not need to create endpoints, set up routing, or manage DNS. You simply define which IP ranges are allowed to connect.

This provides strong network-level access control in a lightweight and easy-to-manage form. Whether your instance is publicly accessible or configured for hybrid use, IP Filtering allows you to enforce a clear boundary around your data.

How It Works

  • You can manage filters through the Aura Console UI or the Aura Admin API
  • Each VDC database instance supports up to 100 allowed IP Ranges. Business Critical instances each support 20 IP Filter Ranges. Higher capacity options are available by request.
  • Filters can be linked to one or more database instances
  • A filter can also be applied at the project level, so that existing and any new instances created within the project automatically inherit the filter rules

This means you can set up IP filtering once at the project level and ensure that all new databases within that project follow the same access policy. It reduces manual work and helps maintain consistent security across your environments.

Ideal Use Cases for IP Filtering

IP Filtering is a great fit when you want to:

  • Quickly secure public instances without cloud configuration
  • Limit access to trusted networks such as office locations or partner data centers
  • Enforce corporate or regulatory access boundaries with minimal setup
  • Apply access controls to dev or test environments where private endpoints are unnecessary
  • Block access from geographic regions that you do not operate from
  • Standardize access policies across an organisation or project without having to manage each instance individually

This feature complements existing private access capabilities, giving you more choice and flexibility in how you protect your data.

Available Now and Growing

IP Filtering is now available for customers using Virtual Dedicated Cloud and Business Critical tiers. Support for additional tiers will be made available in the future.

To get started, sign in to the Aura console, open your organisation settings, and configure your IP filters in the security section. You can also use the API to automate access rules as part of your deployment workflows.

Read the IP Filtering documentation about this feature for more details.

Neo4j Aura continues to evolve to meet the needs of secure, high-performance, and scalable graph applications. IP Filtering is the latest step in making enterprise-grade security more accessible and easier to use.

Protect your data. Simplify your setup. Take control with IP Filtering in Neo4j Aura.