Configuring IP addresses and ports for firewall rules

Use the IP Address and Port area of the Firewall Rules page for the Network IPS appliance to designate or exclude IP addresses and ports from filtering by the appliance.

About this task

Navigating in the Network IPS Local Management Interface: Secure Protection Settings > Firewall > Firewall Rules

Navigating in the SiteProtector™ system: select the Firewall policy

Procedure

  1. Click the Add icon.
  2. Click either IPv4 or IPv6 in the IP Version area, depending on your network.
  3. Configure the following options:
    Option Description
    Source Address The appliance accepts comma-separated lists of IP addresses and ranges of IP addresses.

    Any: Filters all IP addresses.

    Exclude: Does not filter a specific IP address or a range of IP addresses.

    Important: Do not use 0.0.0.0-255.255.255.255 as the Site range. If you do, IP addresses are indiscriminately added to your ungrouped assets folder, such as IP addresses from websites.
    Click Import to import a CSV-formatted text file or a TXT file that contains valid IP addresses.
    Note: In the import text file, use a line break to separate each IP address (or range of IP addresses) entry.
    Example:
    192.168.9.10
    
    1.2.3.4 - 3.4.5.6
    
    3.3.3.3, 4.4.4.4, 5.5.5.5
    
    1.1.1.1
    Target Address
    Source Port The appliance accepts comma-separated lists of ports and port ranges.

    Any: Filters all ports.

    Exclude: Does not filter a specific port or a range of ports.

    Target Port
  4. Click OK.

What to do next

On the Add Firewall Rules window, you can specify general settings, like rule descriptions, rule actions, and rule characteristics.