We direct all our traffic through Cloudflare thus we don't use a fixed ip range.
Cloudflare well known cloud service for web performance and security https://www.cloudflare.com/. It also protects against attacks like distributed denial-of-service (DDoS).
How can a firewall be set up to open only for itslearning?
Since a fixed ip range cannot be used, the firewall needs to be set up using DNSSEC.
The following two domains cover the main itslearning application:
*.itslearning.com
oembeditslearning.com
It might be necessary to also open up the firewall for third party products that is used together with itslearning, e.g. office:
*.officeapps.live.com
euc-word-view.officeapps-live.com
amcdn.msftauth.net
js.monitor.azure.com
res.public.onecdn.static.microsoft
storage.live.com
Some customers use additional third party products, and if those should be accessible during the exam as well, they may need to be allowed by the firewall as well.
We always recommend our customers to test that everything works ahead of time before exams.