Firewall Analyzer by default displays the IP addresses of the Source and Destination that participate in the conversation going through Firewall. It also has the option to resolve the IP addresses to DNS names (whichever could be resolved) in the individual reports. You can do it by clicking Resolve DNS link that is provided in the report page. Moreover, Firewall Analyzer provides an option to configure DNS resolution for all the reports.
DNS resolution can be configured by following the steps given below:
If you want to configure DNS name manually, click the link "New". In that screen, there will be two text boxes, "IP Address" to enter the IP Address and "DNS Name:" to enter the DNS Name to which the IP Address should be mapped.
You can add more mappings using the Add button at the bottom. Click Save to effect the Manual IP,DNS Mapping . Click Cancel to cancel the configuration operation.
If you want to delete the manually added entries, click the 'Delete' icon. Click the 'Edit' icon to modify the entries.
Note: |
|
In this option, Firewall Analyzer will perform reverse NS lookup of all IP addresses automatically. This will be carried out for all the reports and the only DNS names (whichever could be resolved) will be displayed in the reports.
Use this option, if you want to see only DNS names of the hosts in all your reports.
In this option, Firewall Analyzer will not perform reverse NS lookup of IP addresses automatically and will display the IP addresses of the Source and Destination that participate in the conversation going through Firewall and if you want DNS names to be displayed for the hosts for a particular report, you can use the Resolve DNS link in the report.
In each of the individual reports a Resolve DNS link has been provided at the top. Clicking this link enables DNS Resolution for all the IP Addresses of the unresolved hosts present in the current report. The status of DNS Resolution depends on the default DNS lookup time, within which Firewall Analyzer will try to resolve the IP Address.
This is an existing option. Use this option, if you want to see DNS names of the hosts only in particular reports.
Note: If DNS Resolution is in progress for any other Firewall Analyzer user, then the subsequent user will see the message "Please wait, DNS Resolution in progress for another user" when clicking Resolve DNS link. Once the DNS Resolution is complete for the first user, then the DNS Resolution for the subsequent user begins automatically.
In this option, Firewall Analyzer will display only the IP addresses of the Source and Destination that participate in the conversation going through Firewall.
If you select this option, Resolve DNS option will not be available for any of the reports.
Use this option, if you want to see only IP addresses of the hosts in all your reports.
Note: | Firewall Analyzer will resolve all the IP Addresses into DNS names which are resolved by the 'nslookup' command from the machine where the product is installed. |
You can create the mapping file in two formats: .txt and .csv
The mapping format for .txt file is <IP address=DNS name> and the mapping format for .csv file is <IP address,DNS name>
Sample format
.txt file
192.168.140.241=dcqa-w10-64-2.csez.zohocorpin.com.
192.168.140.242=mari-4018.csez.zohocorpin.com.
192.168.140.243=balaji-7086.csez.zohocorpin.com.
192.168.140.244=AVX86F932.csez.zohocorpin.com.
192.168.140.245=AVXA52C65.csez.zohocorpin.com.
|
Sample format
.csv file
192.168.140.246,opm-test.csez.zohocorpin.com.
192.168.140.247,jayakumar-0446.csez.zohocorpin.com.
192.168.140.248,manoj-7159.csez.zohocorpin.com.
192.168.140.249,jagan-7424.csez.zohocorpin.com.
192.168.140.250,DESKTOP-0L39CQF.csez.zohocorpin.com.
|
You can create the mapping file in any one of the two formats and import it into Firewall Analyzer.