Specifying your internal networks and domains

Specifying your internal networks and domains

To help the Engine make the difference between network traffic inside your organization and network traffic destined to external entities, specify your internal networks and domains from the Web Console.

This configuration is sepecific to each Engine. If you have several Engines installed, set the internal networks and domains for each one of them.

Specifying the internal networks

To specify the subnetworks that the Engine must recognize as belonging to your organization:

  1. Log in to the Web Console hosting the Engine as admin.
  2. Click the Engine tab at the top right corner of the page and select Internal networks & domains from the left-hand side menu.
  3. At the bottom of the table entitled Internal network configuration, click ADD INTERNAL NETWORK to add a new internal network to the table.
  4. For each one of your internal IP networks, specify:
    • The subnetwork base address in the field Network.
    • The subnetwork mask in the field Mask.
  5. Repeat the operation for as many internal networks as you need to specify.
  6. Optional: Click the link Edit at the right of the network entry in the table to edit its contents.
  7. Optional: Click the link Delete at the right of the network entry in the table to remove the entry.
  8. Click Save changes at the bottom of the page to make your changes permanent and restart the Engine (or wait until you have finished configuring your internal domains).

Specifying the internal domains

Specifying the internal domains is only useful if you have purchased the Web and Cloud module. You need to write down only those domains that are hosted in servers outside your internal networks, so they are still considered internal web traffic even though they can be managed by an external organization. Domains served from your internal network are naturally considered internal.

The Engine never compacts domains identified as internal and it never sends these domains to the Application Library for detecting threats, since they are trusted.

To specify your internal domains:

  1. Log in to the Web Console as admin.
  2. Click the Engine tab at the top right corner and select Internal networks & domains from the left-hand side menu.
  3. Write down the list of domains inside the text box under the title Engine internal domains at the bottom of the page. Use the wildcards ? and * to replace one or several characters of the domain name and separate each domain in the list by a space. For instance:
    *.example.com *.nexthink.com *.nexthink.ch
  4. Click Save changes to make your changes permanent and restart the Engine.