Configuring addresses and ports for connection events

Use the IP Address and Port area in Connection Events to designate or exclude addresses and ports from filtering for your Network IPS appliance.

About this task

Navigating in IPS Local Management Interface: Secure Protection Settings > Advanced IPS > Connection Events

Navigating in SiteProtector™ Management: select the Connection Events policy

Procedure
  1. Click the Add icon.
  2. Click either IPv4 or IPv6 in the IP Version area, depending on your network.
  3. Configure the following options for addresses and ports:
    Option Description
    Source Address Specifies the following options:
    • Any: filters all IP addresses.
    • Exclude: does not filter a specific address or a range of addresses.
    Note: Do not use 0.0.0.0-255.255.255.255 as the Site range. If you do, IP addresses are indiscriminately added to your ungrouped assets folder, such as IP addresses from websites.
    Target Address Specifies the following options:
    • Any: filters all IP addresses.
    • Exclude: does not filter a specific address or a range of addresses.
    Note: Do not use 0.0.0.0-255.255.255.255 as the Site range. If you do, IP addresses are indiscriminately added to your ungrouped assets folder, such as IP addresses from websites.
    Source Port Specifies the following options:
    • Any: filters all ports.
    • Exclude: does not filter a specific port or a range of ports.
    Note: The appliance accepts comma-separated lists of ports and port ranges.
    Target Port Specifies the following options:
    • Any: filters all ports.
    • Exclude: does not filter a specific port or a range of ports.
    Note: The appliance accepts comma-separated lists of ports and port ranges.

What to do next

On the Add Connection Events window, you can specify general settings and enable responses for events.