There is a balance between security and functionality with Lansweeper.

Here's a breakdown:

Lansweeper uses the *.aws.amazon.com and *.amazonaws.com domains to communicate with the Lansweeper Cloud service. Blocking these URLs would prevent Lansweeper from functioning correctly, especially for features like cloud syncing and updates.   

While allowing these URLs is necessary for Lansweeper, it doesn't mean your security is compromised.

Amazon AWS is a reputable cloud provider with strong security measures.   

Here are some strategies to enhance security alongside Lansweeper:

Firewall Rules:

Restrict access to Lansweeper itself using firewall rules. Only allow connections from authorized IPs and ports.

Vulnerability Scanning:

Run regular vulnerability scans on your Lansweeper server and assets to identify and address potential security weaknesses.

Strong Passwords:

Enforce strong passwords for Lansweeper accounts and other critical systems.

Multi-Factor Authentication (MFA):

Enable MFA for Lansweeper logins to add an extra layer of security.

Segmenting your Network:

Implement network segmentation to isolate Lansweeper and other critical systems from less secure areas of your network.

VPN wouldn't be directly applicable here. VPNs are primarily used for secure remote access connections.