I'm really just looking for advice. I've been asked by our marketing department to allow an outside vendor to "crawl" our website. In order to do this, they require over 200 IP addresses be given full access to our web server on all ports. To me, this is extremely excessive. However, the usual response from marketing is "really big companies do this why can't we?" Perhaps, but it seems like a huge breach of security to me.
I'm just checking to see if I'm being to strict. Would you do this on your network?
Thanks in advance for any advice you can give me.