SecureGUARD GmbH

Technical Blog for SecureGUARD Products and Solutions

Networks and Computers

In this post I want to give a deep dive in network and computer objects.

Networks

A Network consists of one or more IPv4 and/or IPv6 address ranges. A network is not bound to a network adapter. IP-address ranges in a network don't have to be consecutive.

There are two BuiltIn network objects which are not subject to edit:

1. All Networks: includes all IPv4 and IPv6 addresses

2. Localhost: includes all IPv4 and IPv6 addresses configured on any network interface on the operating system environment where CG is installed.

 

Networks for private address ranges as defined in RFC 1918 are created during installation. This networks can be edited or deleted as needed.

 

Add Network 

To add a new network just click the "Create Network" button on top of the Network Tasks within the "Commands Pane".

You can define also exclusions from an IP-address range.

One important thing to think about is the "Localhost Handling". With this selection you can define the behavior of the firewall engine with IP addresses configured on the local system.

1. Exclude Localhost: automatically excludes all configured IP addresses from the local system to the created network in the background.

2. Include Localhost: automatically includes all configured IP addresses from the local system to the created network in the background.

3. None: Localhost addresses are not processed separately. If an addresses of the local system is within the specified range, they stay included. Otherwise they stay excluded.

 

Network Sets

A network set consists of one or more specific networks.

 

Computers

Computer objects are used to define names for specific IP addresses for better usability within the different rule sets.

Computer Sets

Computer Sets are collections of computer objects and can be used with different rule sets.

Add comment

Loading