diff --git a/configs/co/co-mdf-4507.cfg b/configs/co/co-mdf-4507.cfg
index d3f31a3..be71f9e 100644
--- a/configs/co/co-mdf-4507.cfg
+++ b/configs/co/co-mdf-4507.cfg
@@ -1,8 +1,9 @@
 Building configuration...
 
-Current configuration : 14788 bytes
+Current configuration : 15777 bytes
 !
-! Last configuration change at 13:24:02 EST Fri Feb 6 2026
+! Last configuration change at 09:23:35 EDT Thu Mar 12 2026 by estein66.admin
+! NVRAM config last updated at 09:23:35 EDT Thu Mar 12 2026 by estein66.admin
 !
 version 15.2
 no service pad
@@ -114,6 +115,20 @@ archive
  path bootflash:
  maximum 5
 file privilege 10
+object-group network day-enterprise-servers
+ description day-enterprise-servers
+ host 10.1.230.11
+ host 10.1.40.108
+!
+object-group network dns-servers
+ description Internal-DNS-Servers
+ host 10.1.40.10
+ host 10.1.48.11
+!
+object-group network ntp-servers
+ host 10.1.40.154
+ host 10.1.48.103
+!
 !
 spanning-tree mode rapid-pvst
 spanning-tree loopguard default
@@ -432,6 +447,11 @@ interface Vlan107
  ip helper-address 10.21.48.20
  shutdown
 !
+interface Vlan230
+ ip address 10.55.230.1 255.255.255.224
+ ip access-group hvac in
+ shutdown
+!
 interface Vlan233
  ip address 10.55.233.1 255.255.255.0
 !
@@ -502,6 +522,16 @@ ip ssh server algorithm encryption aes256-ctr aes128-ctr
 ip ssh server algorithm kex diffie-hellman-group14-sha1
 ip ssh server algorithm publickey x509v3-ssh-rsa
 !
+ip access-list extended hvac
+ permit ip 10.55.230.0 0.0.0.31 object-group day-enterprise-servers
+ permit udp 10.55.230.0 0.0.0.31 object-group dns-servers eq domain
+ permit udp 10.55.230.0 0.0.0.31 object-group ntp-servers eq ntp
+ permit icmp 10.55.230.0 0.0.0.31 host 10.55.230.1
+ permit icmp host 10.55.230.1 10.55.230.0 0.0.0.31
+ deny ip any 10.0.0.0 0.255.255.255
+ deny ip any 192.168.0.0 0.0.255.255
+ deny ip any 172.16.0.0 0.15.255.255
+ permit tcp 10.55.230.0 0.0.0.31 any eq 587 log-input
 ip access-list extended users
  deny ip any 192.168.0.0 0.0.255.255
  permit ip any any
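Review bot: `object-group network ntp-servers` is added without a `description`, unlike the two groups above it, and `description day-enterprise-servers` only repeats the group name. All three groups are referenced by the new `hvac` access list later in this diff, so editing their membership silently changes what the HVAC VLAN can reach. A line such as `description Referenced by ACL hvac - review before editing` on each group would make that dependency visible to the next person who touches them.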
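Review bot: `interface Vlan230` is filtered only with `ip access-group hvac in`, so nothing restricts traffic routed from other VLANs toward 10.55.230.0/27. Because the list is stateless, most replies are dropped on the way back, but the initial packets still reach the HVAC devices. Consider an outbound list on the SVI as well, e.g. `ip access-group hvac-out out`, where `hvac-out` is a placeholder name for a list that permits only the management sources that need this VLAN. A `description` line on the interface would also record what the VLAN is for before the `shutdown` is lifted.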
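Review bot: In `ip access-list extended hvac`, the entry `permit icmp host 10.55.230.1 10.55.230.0 0.0.0.31` cannot match legitimate traffic, because the list is bound `in` on Vlan230 and 10.55.230.1 is that interface's own address. A packet arriving from the VLAN with that source would be spoofed, so the line should be removed. The list also ends on the implicit deny, which records nothing; a final `deny ip any any log` would make blocked HVAC traffic visible, since `log-input` is only on the 587 permit. `permit ip 10.55.230.0 0.0.0.31 object-group day-enterprise-servers` opens every protocol and port to those two hosts, so narrow it if the controllers only need specific services. DNS is permitted over UDP only, so queries retried over TCP/53 will hit the RFC 1918 deny; confirm that is intended.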