Configuring IP addresses and ports for connection events

Use the IP Address and Port area of the Connection Events page for the Network IPS appliance to designate or exclude IP addresses and ports from filtering.

About this task

Navigating in the Network IPS Local Management Interface: Secure Protection Settings > Advanced IPS > Connection Events

Navigating in the SiteProtector™ system: select the Connection Events policy

Procedure

  1. Click the Add icon.
  2. Click either IPv4 or IPv6 in the IP Version area, depending on your network.
  3. Configure the following options:
    Option Description
    Source Address The appliance accepts comma-separated lists of IP addresses and ranges of IP addresses.

    Any: Filters all IP addresses.

    Exclude: Does not filter a specific IP address or a range of IP addresses.

    Important: Do not use 0.0.0.0-255.255.255.255 as the Site range. If you do, IP addresses are indiscriminately added to your ungrouped assets folder, such as IP addresses from websites.
    Click Import to import a CSV-formatted text file or a TXT file that contains valid IP addresses.
    Note: In the import text file, use a line break to separate each IP address (or range of IP addresses) entry.
    Example:
    192.168.9.10
    
    1.2.3.4 - 3.4.5.6
    
    3.3.3.3, 4.4.4.4, 5.5.5.5
    
    1.1.1.1
    Target Address
    Source Port The appliance accepts comma-separated lists of ports and port ranges.

    Any: Filters all ports.

    Exclude: Does not filter a specific port or a range of ports.

    Target Port

What to do next

On the Add Connection Events window, you can specify general settings and enable responses for events.