Use Case:
- When an IP address associated with botnet command-and-control infrastructure is detected, administrators can configure a policy to block all device traffic to this IP to prevent potential compromise.
IP policies allow you to configure the following:
1
2
Specify the target IP address(es):
- A single IP address (e.g., 192.168.1.0).
- An IP range (e.g., 192.168.1.0 – 192.168.1.13).
- CIDR notation (e.g., 192.168.1.0/24).
3
Select the applicable traffic direction:
- Outbound: Traffic originating from the device to the external IP.
- Inbound: Traffic originating from the external IP to the device.
4
Select target devices:
- Apply to device groups (based on tags).
- Apply to specific individual devices.
5
Enter a description or reason for the policy.
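
The three target forms and the direction and device scoping described above, shown as an added example that is not the product's own code. The function names, policy field names and device names are assumptions made for illustration, and the sample policy is constructed.

```python
import ipaddress


def parse_target(spec):
    """Return the networks covered by one policy target string.

    Accepts the three forms listed above: a single address,
    a start-end range (hyphen or en dash), or CIDR notation.
    """
    spec = spec.strip().replace("\u2013", "-")
    if "/" in spec:
        # strict=True rejects blocks with host bits set (e.g. 192.168.1.5/24),
        # which usually means the operator meant a single host, not the subnet.
        return [ipaddress.ip_network(spec, strict=True)]
    if "-" in spec:
        first, last = (ipaddress.ip_address(p.strip()) for p in spec.split("-", 1))
        if first.version != last.version or first > last:
            raise ValueError(f"invalid range: {spec!r}")
        # A range is rarely one CIDR block; split it into the minimal set.
        return list(ipaddress.summarize_address_range(first, last))
    # A bare address becomes a /32 (IPv4) or /128 (IPv6) network.
    return [ipaddress.ip_network(spec)]


def is_blocked(policy, device, remote_ip, direction):
    """True if a flow between `device` and `remote_ip` matches the block policy."""
    if direction not in policy["directions"] or device not in policy["devices"]:
        return False
    addr = ipaddress.ip_address(remote_ip)
    return any(addr in net for net in policy["networks"])


# Constructed sample policy; field names are assumptions for this example.
# "devices" stands for the device set after tag-based groups are resolved.
POLICY = {
    "networks": parse_target("192.168.1.0 \u2013 192.168.1.13"),
    "directions": {"outbound"},
    "devices": {"laptop-01", "laptop-02"},
    "reason": "Botnet C2 infrastructure",
}

if __name__ == "__main__":
    print([str(n) for n in POLICY["networks"]])
    print(is_blocked(POLICY, "laptop-01", "192.168.1.13", "outbound"))
    print(is_blocked(POLICY, "laptop-01", "192.168.1.13", "inbound"))
```

Expanding the range shows exactly which addresses the policy covers, which is worth checking before blocking: 192.168.1.13 matches, 192.168.1.14 does not.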