IP Groups

Overview


Figure 1. Example IP Groups Page

The IP Groups page (Fig. 1) allows you to manage IP Groups for the selected company that can then be used when creating Firewall rules. See Configure : Firewall and Enterprise Templates : Firewall for details.

Add New IP Group

Use the Add IP Group form (Fig. 1) to create a new IP Group and to make it available for the selected company’s Firewall rules.

Name

Enter an informative, memorable, and unique name for this IP Group.

Description

Enter a brief description of this IP Group.

Scope

Choose whether or not this IP Group will be available to customers of the selected company. Using the default setting will NOT make the group available to these customers.

Add Button

Click the “Add IP Group” button to create a new IP Group with these settings.

After creating a new IP Group, you will need to edit that group in order to specify the IP addresses to include. See below for details.

View Existing IP Groups

Use the IP Groups list (Fig. 1) to view, edit, and delete existing IP Groups for the selected company.

Columns

  • [Edit] – edit button
  • [View Related Enterprise Templates] – view button
  • [View Related Events] – view button
  • Name – name of the IP Group
  • Description – description of the IP Group
  • Entries – IP addresses included in the IP Group
  • Scope – scope of companies with access to the IP Group
  • PCI – whether or not the group is a PCI DSS compatible IP Group
  • [Delete] – delete button

Actions

Edit IP Group

To edit an IP Group, click its gear icon button. This will open the Edit IP Group form in a new window (Fig. 5). See below for details.

View Related Enterprise Templates


Figure 2. Example Enterprise Templates List

To view which Enterprise Templates are using an IP Group for active Firewall rules, click its chain icon button. This will open the Enterprise Template list in a new window (Fig. 2). Here you can see the name of each related Enterprise Template, a link to manage the template, and whether or not the template is PCI DSS compliant.

View Related Events


Figure 3. Example Events List


Figure 4. Example Events List (More Detail)

To view Events related to an IP Group, click its list icon button. This will open the Events list in a new window (Fig. 3-4). Here you can see the date and type of each related Event. Click “More details” to see additional columns in this list. Click an Event’s Event Type to open another new window with full Event Information details. You can also filter the maximum number of Events to display in the list.

Delete IP Group

To delete an IP Group, click its minus icon button. This will open a confirmation panel asking you to confirm the deletion. If you are certain you want to delete the IP Group, click the “OK” button. Exercise caution, as this may affect any Firewall rules using this IP Group.

Edit Existing IP Group


Figure 5. Example Edit IP Group Page

Edit IP Group

Use the Edit IP Group form (Fig. 5) to make any desired changes to this IP Group, then click the “Save” button. Exercise caution, as this may affect any Firewall rules using this IP Group.

IP Entries

Use the IP Entries form (Fig. 5) to manage the IP addresses included in this IP Group. Enter the desired IP addresses, subnets, IP ranges, wildcards, or domains, then click the “Add” button to create the IP Entry. To delete an IP Entry, click its minus icon button. Exercise caution, as this may affect any Firewall rules using this IP Group.

Push Updates for IP Group

The new window containing the Edit IP Group form also contains the Push Updates for IP Group form (Fig. 5). If desired, click the “Push Updates” button to proactively push firewall changes to relevant Mako managed devices instead of waiting for changes to be picked up automatically the next time each device reloads its firewall.

PCI Status

Use the PCI Status for IP Group form (Fig. 5) to convert an IP Group to a PCI DSS compatible IP Group, after which all changes to the IP Group must first be reviewed by Mako Networks. Enter your password and click the “Convert to PCI Template” button. Exercise caution, as this action cannot be undone.

Was this post helpful?
Please let us know if this helped you find answers.
Yes
No