Add endpoints to the White List
UDT uses inclusion rules to determine whether endpoints connected to monitored devices are safe or unsafe. A rule will specify the address, hostname or subnet to be included. The following selection methods can be used in a rule.
| Selection Method | Example | |
|---|---|---|
| Device |
Individual hostnames, IP Address or MAC Address |
demo.lab |
| IP range | A range of IP addresses (IP4 or IP6) |
10.1.0.1 to 10.1.0.27 |
| MAC range |
A range of MAC addresses |
00-00-07-8C-29-40 to 00-00-07-8C-29-80 |
| Subnet |
a logical subdivision of IP addresses |
Subnet address: 10.3.3.0 |
| Custom |
Any hostname, IP or MAC address that contains a specific pattern |
*.lab |
A rule can consist of multiple instances of the same selection method.
Follow these steps to add endpoints to the White List by adding rules.
- Click Manage List on the Rogue Device widget on the Device Tracker Summary view. The existing inclusion rules are displayed.
- Click Add New on the Included tab.
- Click a Selection Method, and add the appropriate information:
Device Select the target (Hostname, IP Address or MAC Address), and enter the appropriate string. Click Add More to add another device, as needed. IP Range or MAC Range Enter the Start address and End address of the range. Click Add More to add another range, as needed. Subnet Click the plus icon (+) and, in the Add New Subnet popup, enter the Subnet Address and Subnet Mask. Then click Add. Add further subnets, if required. Custom Select a target and enter appropriate patterns, using asterisks (*) as wildcards as required. Enter each one on a separate line. - Click Next.
- Optionally, enter a name and description for this rule.
- Click Finish.
Once a rule has been created you can:
- Edit it, and change the parameters.
- Disable it, so it is not applied until it is enabled again.
- Delete it.