Setting up Intranets
Firewall Analyzer includes the option to specify networks, or a range of IP
addresses to identify machines behind a firewall. This setup is identified as
the Intranet. By adding the machines or IP addresses that are located within your network (LAN), you can identify and distinguish between traffic that is generated
within your network, and traffic that is coming from, or destined outside your network.
Click the Settings > Intranet Settings link to define intranets. The
Intranet Settings page contains the 'Configure all devices' link menu option. It lists all the devices that have been configured to send their logs to Firewall Analyzer for analysis. The table in the page lists the Device Name (names of the devices being monitored), Intranet Settings (the IP Network, Range, Adddress), Action (Change the settings)
Click the 'Configure all devices' link menu option to set the intranet for all the devices. Click the Change action, found against each listed firewall, would enabe you to configure the (intranet) private Network or IP
Range or IP Address for each firewall.
The Intranet Settings page opens up with the title 'Specify Network or IP
Range or IP Address'. There is a provision to configure intranet for individual device, a group of devices, and all the devices. To configure the intranet settings for a group of devices, click the 'Configure all devices' link menu or click the Change action, found against each listed firewall and click the 'Change Selection' link. 'Select Devices from the list' screen pops up. Select a group of devices. You can also select a single device or all the devices from this screen. Click OK button to complete the device selection and click Cancel button to cancel the selection.
- To designate an entire IP network as an Intranet, select IP
Network from the list, and enter the network IP address and
the corresponding Net Mask value.
- To include a single host in the Intranet, select IP Address
from the list, and enter the IP address of the host.
- To designate a range of IP address as the Intranet, select IP
Range from the list, and enter the starting IP address and
the ending IP address and enter the network IP address and
the corresponding Net Mask value.
You can specify multiple intranets by clicking the More button and remove the additional intranets with Fewer button.
Try to give minimum ranges/networks as much as possible.
For Example : If you have three private IP Network
(say) 10.8.0.0, 10.9.0.0, and 10.10.0.0, each with Net Mask: 255.255.0.0,
then instead of adding them separately, we would recommend you to
give the entire private IP network : 10.0.0.0 with Net Mask 255.0.0.0,
as this would improve the performance of Firewall Analyzer. The
same is recommended for IP Range also, where you
can mention Start IP: 10.0.0.0, End IP: 10.255.255.255 and this
is applicable to Class B & Class C networks also.
For instance, if your are a MSSP (Managed Security Service Provider) who is monitoring firewalls of different client networks at different locations and all your clients could possibly end up with the same (intranet) private Network or IP
Range or IP Address, then Configure all devices would serve the purpose of applying the common configuration across All Devices.
Once you are done, click Save Settings to activate
the new settings and click Cancel button to cancel the operation.