Configuring DNS Resolution
Firewall Analyzer by default displays the IP addresses of the Source and Destination that participate in the conversation going through Firewall. It also has the option to resolve the IP addresses to DNS names (whichever could be resolved) in the individual reports. You can do it by clicking Resolve DNS link that is provided in the report page. Moreover, Firewall Analyzer provides an option to configure DNS resolution for all the reports.
DNS resolution can be configured by following the steps given below:
- In the Firewall Analyzer web client, select the Settings tab.
- In Settings screen, select the System Settings > Configure DNS link. Resolve DNS Configuration page appears.
- On the top, there are three options provided with radio buttons. Select an option as per your requirement, by clicking the radio button. The options are:
- Select IPAddress and DNSName mapping in memory as per your requirement from the drop down list. The list options are 5000, 10000, and 20000. This denotes the number of IP address and DNS name mappings to cached in the memory of the machine. You can leave it undisturbed with the default value.
- Click Update to effect the Resolve DNS Configuration. Click Cancel to cancel the configuration operation.
Manual DNS Configuration
If you want to configure DNS name manually, click the link "Want to configure (Add/Edit) DNS name manually? Click Here". Manual DNS Configuration page appears. Click the Add Entry link. This pops-up the Manual DNS Addition screen. In that screen, there will be two text boxes, "Enter IP:" to enter the IP Address and "DNS Name:" to enter the DNS Name to which the IP Address should be mapped.
You can add more mappings using the Add Entry button at the bottom. Click Update to effect the Manual IP,DNS Mapping . Click Cancel to cancel the configuration operation.
If you want to delete the manually added entries, select the checkboxes and click the 'Delete' icon. Click the 'Edit' icon to modify the entries.
- The 'Add Entry ' manual configuration will update IP, DNS mappings into Firewall Analyzer memory.
- Manually added values will overwrite already resolved IP,DNS mappings.
- On the fly report generation is possible, if you configure DNS mapping manually in case of dynamic IP address allocation using DHCP protocol.
Description of the options
- Do Reverse lookup automatically. I want to see DNS name everywhere instead of IPAddress.
In this option, Firewall Analyzer will perform reverse NS lookup of all IP addresses automatically. This will be carried out for all the reports and the only DNS names (whichever could be resolved) will be displayed in the reports.
Use this option, if you want to see only DNS names of the hosts in all your reports.
- Don't Reverse lookup automatically. Let me get an option to do that in my reports.
In this option, Firewall Analyzer will not perform reverse NS lookup of IP addresses automatically and will display the IP addresses of the Source and Destination that participate in the conversation going through Firewall and if you want DNS names to be displayed for the hosts for a particular report, you can use the ResolveDNS link in the report.
In each of the individual reports a ResolveDNS link has been provided at the top. Clicking this link enables DNS Resolution
for all the IP Addresses of the unresolved hosts present in the current
report. The status of DNS Resolution depends on the default DNS lookup
time, within which Firewall Analyzer will try to resolve the IP Address.
This is an existing option. Use this option, if you want to see DNS names of the hosts only in particular reports.
||If DNS Resolution is in progress for any other Firewall Analyzer user,
then the subsequent user will see the message "Please wait, DNS
Resolution in progress for another user" when clicking ResolveDNS
link. Once the DNS Resolution is complete for the first user, then the
DNS Resolution for the subsequent user begins automatically.
- No lookup at all. I want to see IPAddresses everywhere.
In this option, Firewall Analyzer will display only the IP addresses of the Source and Destination that participate in the conversation going through Firewall.
If you select this option, Resolve DNS option will not be available for any of the reports.
Use this option, if you want to see only IP addresses of the hosts in all your reports.
||Firewall Analyzer will resolve all the IP Addresses into DNS names which are resolved by the 'nslookup' command from the machine where the product is installed.