Manage IP Address Mapping
For networks configured to assign dynamic IP addresses, you can enable Dynamic IP Address Resolution. If the source IP address is a private address in the ranges 192.168.0.0/16, 172.16.0.0/12, and 10.0.0.0/8 , as defined in RFC 1918, Dimension can send a reverse DNS request to the DNS name server and resolve the IP address to a name. Dynamic address resolution does not work for private IP addresses outside this range, or for any public, routable IP addresses.
For Fireboxes with static IP addresses, you can create a static IP address/name pair to map any IP address to a name.
You can map a name for any IP address, even if a Firebox with that IP address is not connected to Dimension. After you enable dynamic IP address resolution or map an IP address to a name, that name for the Firebox appears in the Dashboard pages and reports anywhere the IP address formerly appeared.
For a static IP address mapping, you can choose to map each IP address individually, or you can import a CSV file with the IP address and name pair for each device. You can also export all of the IP address/name pairs in the Static IP Address Map list to a CSV file. If you import a CSV file with an IP address that was previously mapped, the existing IP address/name pair is replaced by the newly imported pair.
If you enable Dynamic IP Address Resolution, and also add a static IP address/name pair for a dynamically addressed device to the Static IP Address Map list, the name specified in the Static IP Address Map list is used instead of the name returned by the dynamic DNS lookup.
For a list of the reports to which IP address mapping applies, go to the Reports for IP Address Mapping section.
To unlock the configuration so you can make changes, click .
For more information about how to unlock and lock the Dimension configuration, go to Lock and Unlock the Dimension Configuration.
To manage IP address mapping:
- Select > Administration > Administration > Server Management.
The Server Management pages open with the Status tab selected. - Select the IP Address Mapping tab.
The IP Address Mapping page opens. - To unlock the configuration so you can make changes, click .
For more information about how to unlock and lock the Dimension configuration, go to Lock and Unlock the Dimension Configuration. - Configure the settings as described in the next sections.
Configure Dynamic IP Address Resolution
Dynamic IP Address Resolution only resolves host names for private IP addresses in the ranges 192.168.0.0/16, 172.16.0.0/12, and 10.0.0.0/8.
To enable Dimension to get the name for dynamically addressed devices:
- In the Dynamic IP Address Resolution section, click Configure.
The Dynamic IP Address Resolution dialog box opens. - Select the Enable dynamic IP address resolution check box.
- Click Save.
The setting in the Dynamic IP Address Resolution section changes to Enabled.
To disable dynamic IP address resolution:
- In the Dynamic IP Address Resolution section, click Configure.
The Dynamic IP Address Resolution dialog box appears. - Clear the Enable dynamic IP address resolution check box.
- Click Save.
The setting in the Dynamic IP Address Resolution section changes to Disabled.
Map a Single IP Address
You can manually add one IP address/name pair at a time to the Static IP Address Map list. To override the name returned from the DNS lookup for a dynamic IP address, you can add an IP address/name pair to the Static IP Address Map list.
In the Static IP Address Map section:
- From the drop-down list, select Global Map.
- Click Add.
The Add a Global IP Address Mapping dialog box opens. - In the IP Address text box, type the IP address to include in the pair.
- In the Name text box, type the name to map to the IP address.
- Click Save.
The new IP address/name pair appears in the Static IP Address Map list.
Find a Mapped Address in the List
You can use the Static IP Address Map search feature to locate a mapped IP address/name pair in the list. You can search by the IP address or the name specified for any pair in the list. The search parameters are case-sensitive and do not support wildcards.
When you are finished with your search, you can refresh the list to clear the results of your search and see the full list again.
In the Static IP Address Map section:
- In the Search text box, type the IP address or name to search on.
- Click Search.
The Static IP Address Map list is updated to show only IP address/name pairs that match your search parameters.
To refresh the list and clear the search results, click .
Use the Device Map to Filter the List
Another method you can use to locate a mapped IP address/name pair in the Static IP Address List is the Device Map filtered view. When you select the Device Map view, you can filter the Static IP Address List for any Firebox that appears in the Devices List with a logging or management connection to Dimension. This is particularly helpful when your Static IP Address List includes many devices.
To filter the Static IP Address List:
- From the drop-down list, select Device Map.
The Filter text box and button appear. - In the Filter text box, type the any characters from the Device Name for a Firebox connected to Dimension.
As you type, Dimension shows the connected Fireboxes with names that include the specified characters. - Select a Firebox and click Filter.
The list is updated to show only the Firebox you selected.
You can now edit or delete the IP address/name pair for the selected Firebox.
Edit a Single Mapped Address
You can change the name you specified for any IP address in the Static IP Address Map list. You cannot change the IP address specified in the mapped pair. If there is an error in the IP address, you must delete the IP address from the IP Address Map list and then map the IP address again.
In the Static IP Address Map section:
- From the drop-down list, select Global Map.
- From the Static IP Address Map list, select an IP address.
- Click Edit.
The Edit Global IP Address Mapping dialog box opens. - In the Name text box, type a new name.
- Click Save.
The new name for the IP address appears in the Static IP Address Map list.
Delete a Single Mapped Address
If the Static IP Address Map list includes IP address/name pairs that are no longer necessary, you can manually remove each pair from the list.
In the Static IP Address Map section:
- From the drop-down list, select Global Map.
- From the Static IP Address Map list, select an IP address.
- Click Remove.
The Delete Global IP Address Mapping dialog box opens. - Click OK.
The selected IP address/name pair is removed from the list.
Remove all Mapped Addresses
You can also reset the Static IP Address Map list to remove all IP address/name pairs from the list, whether you added them manually or imported them in a CSV map file.
In the Static IP Address Map section:
- From the drop-down list, select Global Map.
- Click Reset.
The Reset Global IP Address Mappings dialog box opens. - To immediately remove all mapped pairs from the list, click OK.
Import a File with Mapped Addresses
If you have many IP addresses to map to names, rather than map each IP address individually, you can import a CSV file that includes all the IP address/name pairs. You can also import a CSV file to change the names for IP addresses that are already included in the Static IP Address Map list.
Create the CSV File
To import more than one IP address/name pair to the Static IP Address Map list, create a CSV file that includes each IP address/name pair in this format:
<IP address>,<name>
For example: 203.0.113.10,examplecompany.com.
Make sure to save the CSV file with a descriptive name in a location that you can browse to from Dimension.
Import the CSV File
In the Static IP Address Map section:
- From the drop-down list, select Global Map.
- Click Import.
The Import Global Map File dialog box opens. - Click Browse and select the CSV file.
- Click OK.
The CSV file is imported and all of the included IP address/name pairs appear in the Static IP Address Map list. If your CSV file included changes to names for IP addresses already in the list, the old names are replaced by the new names.
Export the Static IP Address Map
You can export a CSV file that includes all the IP address/name pairs that you added to the Static IP Address Map list, whether you added each pair individually or imported the pairs in a CSV file. By default, the exported CSV file name is ip_domain_map_<yyyy>_<mm>_<dd>.csv. You can choose a different file name when you export the CSV file.
The Export feature is particularly helpful if you want to edit more than one IP address/name pair in the Static IP Address Map list. You can export the list to a CSV file, change the names specified for any of the IP addresses in the list, add more IP address/name pairs, and then import the updated CSV file. Any changed names for IP addresses that already appear in the Static IP Address Maplist are automatically updated, and any new pairs are added to the list.
To export a CSV file of the mapped IP address/name pairs:
- In the Static IP Address Map section, click Export All.
The Save As dialog box opens. - (Optional) To change the name of the CSV file, type a new name for the file.
- Select a location to save the CSV file.
- Click Save.
The CSV file is saved to the specified location.
Reports for IP Address Mapping
When you enable dynamic IP address mapping or add one or more IP address/name pairs to the Static IP Address Map list, the names appear instead of the IP addresses in the Dashboard summary and other reports included in these lists.
Dashboards
- Executive Dashboard — Top Clients and Top Destinations sections
- Security Dashboard — Blocked Clients and Blocked Destinations sections
- FireWatch
- Source tab — Remains available when you filter on a name
- All tabs — When you select View connections for for a name in the Destination column
- Policy Map
Available Reports
If you enable IP address mapping, the name specified for a Firebox instead of the IP address for the Firebox appears in these reports.
- Application Usage
- Top Applications by Host
- Top Hosts by Application
- Blocked Applications
- Top Blocked by Host
- Top Hosts Blocked
- Top Clients by Bandwidth
- Hosts (Sent and Received) pivot
- Hosts (Sent) pivot
- Hosts (Received) pivot
- Top Clients by Hits — Hosts pivot
- Most Active Clients Report
- Web Audit — Client pivot (for log messages without an authenticated user)
- WebBlocker — Client pivot (for log messages without an authenticated user)
- Per Client Report — If you specify the name in the search criteria
- Packet Filter Traffic
- Host Summary by Source — Hosts pivot
- Host Summary by Destination — Hosts pivot
- Session Summary — Source and Destination pivots
- Proxy Traffic
- Source by Hits — Hosts pivot
- Source by Bandwidth — Hosts pivot
- Destination by Hits — Hosts pivot
- Session by Hits — Hosts pivots for Source and Destination addresses
- Session by Bandwidth — Hosts pivots for Source and Destination addresses
- Subscription Services Reports
- Intrusion Prevention Service — Source pivot
- DLP Summary Report
- Firebox Reports
- Audit Trail — IP address pivot
- Denied Packets — Client pivot
- User Authentication — Allowed and Denied by location pivots
- Details Reports
- Alarms Detail — Source and Destination pivots
- Denied Packets Detail — Source and Destination pivots
- Denied Packets by Client Detail — Client pivot
- Intrusion Prevention Service — Source and Destination pivots