Can the R3000 filter more than one subnet or network? Range to Detect


This article applies to:

  • R3000|WFR|WF

Question:

Can the R3000 filter more than one Subnet or Network?

Reply:

YES,
To view screen shots of the Range To detect section, see the link  https://support.trustwave.com/software/8e6/docs/ug/wf.r3000.ug.hsm.4.1.00-v1.01.pdf page 257

The Range to Detect window displays when Range to Detect is selected from the Global Group menu. This
window is used for defining segments of network traffic to be detected by the Web Filter in the invisible or router mode.
Service ports that should be open—ignored by the Web Filter—are also defined in this window.

The main window (Fig. 2:2-2) lets you add segments to the network, or modify or remove existing segments. The
Current Ranges list box includes a list of segments previously added using this feature. The Mandatory Settings tab
provides examples of settings that can be made.

Add a Segment to the Network
To add a segment to be detected on the network:
1. Click Add to go to the next page:

Click one of the following buttons to select the procedure for adding the segment:
• Start the Setup Wizard - clicking this button takes you to the Range to Detect Setup Wizard. Follow the
instructions in the Range to Detect Setup Wizard subsection to complete the addition of the segment on the
network.

Click the Start the Setup Wizard button to display Step 1 of the Range to Detect Setup Wizard. The Wizard is
comprised of six steps. An entry is required in Step 1, but not in Steps 2 - 5. Settings made using the Wizard are
saved in Step 6.
Step 1
In this step you define the source IP address(es) to be filtered.
Since the first four pages of the Wizard contain the same fields and buttons, instructions provided for this step are not
repeated for Steps 2 - 4.
1. Choose the appropriate option for entering the IP
address(es):
• IP / Netmask - use these fields to specify a range of IP
addresses
• Individual IP - use this field to enter a single IP
address

2. Click Add to include the segment in the list box above. NOTE: To modify the segment, select it from the list box and click
Modify to move the segment to the field(s) below for editing. To remove the segment, select it from the list box and click Remove.
3. Click Next to go to the next page of the Wizard.
NOTE: Click Cancel to be given the option to return to the main Range to Detect Settings window.

Step 2: Optional
In this step you define the destination IP address(es) to be filtered.
NOTE: By making entries in Destination IP fields, traffic will be restricted to the range specified in the Source IP and Destination
IP frames. This reduces the load on the Web Filter, thus enabling it to handle more traffic.

Step 3: Optional
In this step you define the source IP address(es) to be excluded from filtering.

Step 4: Optional
In this step you define the destination IP address(es) to be excluded from filtering. Any entries from the list box in Step
1 automatically display in the list box above.
NOTE: By making entries in Destination IP fields, traffic will be restricted to the range specified in the Source IP and Destination
IP frames. This reduces the load on the Web Filter, thus enabling it to handle more traffic.

Step 5: Optional
In this step you enter destination port numbers to be excluded from filtering.

1. In the Individual Port field, enter the port number to be
excluded from filtering.
2. Click Add to include the entry in the list box above.
NOTE: To remove the port number, select it from the list box and click Remove.
3. Click Next to go to the last page of the Wizard.

Step 6
In this final step of the Wizard you review your entries and make modifications, if necessary.
This article was previously published as:
8e6 KB 276521

Last Modified 6/14/2011.
https://support.trustwave.com/kb/KnowledgebaseArticle12339.aspx