Add endpoints to the White List

UDT uses inclusion rules to determine whether endpoints connected to monitored devices are safe or unsafe. A rule will specify the address, hostname or subnet to be included. The following selection methods can be used in a rule.

Selection Method   Example
Device

Individual hostnames, IP Address or MAC Address

demo.lab
10.1.0.5
00-00-07-8C-29-47

IP range A range of IP addresses (IP4 or IP6)

10.1.0.1 to 10.1.0.27

MAC range

A range of MAC addresses

00-00-07-8C-29-40 to 00-00-07-8C-29-80

Subnet

a logical subdivision of IP addresses

Subnet address: 10.3.3.0
Mask: 255.255.255.0

Custom

Any hostname, IP or MAC address that contains a specific pattern

*.lab
10.1.*
00-00-07-8C-29*

A rule can consist of multiple instances of the same selection method.

Follow these steps to add endpoints to the White List by adding rules.

  1. Click Manage List on the Rogue Device widget on the Device Tracker Summary view. The existing inclusion rules are displayed.
  2. Click Add New on the Included tab.
  3. Click a Selection Method, and add the appropriate information:
    DeviceSelect the target (Hostname, IP Address or MAC Address), and enter the appropriate string. Click Add More to add another device, as needed.
    IP Range or MAC RangeEnter the Start address and End address of the range. Click Add More to add another range, as needed.
    SubnetClick the plus icon (+) and, in the Add New Subnet popup, enter the Subnet Address and Subnet Mask. Then click Add. Add further subnets, if required.
    CustomSelect a target and enter appropriate patterns, using asterisks (*) as wildcards as required. Enter each one on a separate line.
  4. Click Next.
  5. Optionally, enter a name and description for this rule.
  6. Click Finish.

Once a rule has been created you can:

  • Edit it, and change the parameters.
  • Disable it, so it is not applied until it is enabled again.
  • Delete it.