IP Restriction alerts you of traffic flow between your device and a single IP address or a list of IP addresses.
You specify the IP addresses you need to be alerted about and select either whitelist alerting or blacklist alerting.
Examples of Whitelist alerting
For whitelist alerting, you select send or receive, or both to “the following IPs”. The following are examples when whitelist alerting would be useful.
- A vehicle tracking company needs their devices to communicate with a specific website (IP address) so the information can be displayed in their application.
If a device is communicating with the wrong IP address, the device's information is not stored in the website. When the device is not communicating to the specified IP address, an alert is triggered notifying the company to take action.
- An inmate tracking company, which is very security conscious, needs to know if their devices are potentially being hacked. If their devices communicate with an unknown computer, an alert is triggered notifying the company to take action.
Example of Blacklist alerting
For blacklist alerting, you select send or receive (or both send and receive) to “any IP other than the following IPs”. The following is an example of when blacklist alerting would be useful.
- A home healthcare company has tablet devices out in the field and needs notification when their users access unauthorized web sites (IP addresses). If their users attempt to browse an IP address specified in IP Restriction, an alert is triggered notifying the company to take action.
Setting an IP Restriction
Click to watch a short video or continue with the following instructions for information about setting an IP Restriction.
- Click Rules on the navigator.
- Click Create Rule on the Rules page.
- Enter a name for the new Rule.
- Select the Severity level (Low, Medium, High, or Critical). The default is Medium.
- Click Add Conditions.
- Click IP Restriction and click Continue. The page changes to show the IP Restriction selections.
- Select whether the IP is restricted when the Device is sending or receiving traffic.
- Select whether you need to receive
whitelist alerts for the specified IP addresses (any IP other than the following IPs)
blacklist alerts for the specified IP addresses (the following IPs).
- Enter the IP addresses. If you need more entry fields for entering IP addresses, click Add Another IP. A row is added where you can enter the next IP address. You continue this step until all IP addresses are entered.
Note: All octets (the four decimal numbers of the IP address) must be either a single number between 0-255, a range of any two numbers between 0-255, or an asterisk (*) to indicate a wildcard. And At least one octet must be non-wildcard.
If you need to copy and paste the IP address from a spreadsheet, select simple input view and copy and paste into the input field.
- Click Continue.
- Click Continue again. The IP addresses that you are restricting are displayed on the page. Verify the address or addresses are as you need. If changes are necessary, click Back to return and change, add, or delete addresses.
- Click Save.
Once Conditions are saved, they are displayed in a list in the Conditions section of the Create a Rule page.
Several Condition types are available. Adding at least one Condition is required.
Note: Duplicates of the same Condition within a Rule are not allowed. Refer to Following Rule Condition Restrictions for all restrictions.
For help with adding other conditions, refer to Creating a Rule and why a Rule is needed.
You be notified when an alert is triggered by selecting Add Action and adding one or more e-mail addresses. If you need help, refer to Receiving e-mail notifications about Alerts.
When the Condition and e-mail addresses have been added, click Create Rule.
- SecurityPro checks whether a name has been entered for the Rule. If a name is not entered, the Rule is not created and the Rule name field is highlighted in red. Enter a Rule name and click Create Rule to create the Rule.
- If a Severity Level for this Rule has not been selected, the Severity Level defaults to Medium.
- Once created, the new Rule is added to the list on the Rules page.
You can now assign this Rule to a Group.
Important! SecurityPro only monitors your devices to notify you when your Device is not behaving as expected. It does not resolve this behavior. You must take action to resolve your Device’s behavior and then acknowledge within SecurityPro that you have done so.