06-23-2021 07:49 AM
Hello All,
Need some help regarding below points
1) Whats the purpose of Internal Network section in Umbrella Dashboard
2) Deployed 2 VA for umbrella and integrated umbrella dashboard with Domain Controller. Need my office machine in workgroup (not in domain) should applied umbrella policies. For that what should i need to do apart from adding my ISP public ip in Network Section of Umbrella
3) I had run windows script and connector on member of domain controller not on actual domain controller and found my all users/groups reflecting on umbrella dashboard. will it work for users policies. if not then why cause customer asking the same.
PLease help
Solved! Go to Solution.
06-23-2021 10:26 AM
1. Internal Networks is used if you have a VA installed in your local network. The VAs learn the real/internal IP address of the client. This IP address can be used in Umbrella policies.
2. If you apply a policy based on the public IP address, all traffic from that network would potentially match that policy, not just your PC. Seeing as you have VAs deployed, the VA will learn you local IP address, so you can configure an Umbrella Policy based on your local internal IP address.
3. Yes, it will work for user policies...so long as the VAs are used to learn the internal IP address of the user.
06-23-2021 10:26 AM
1. Internal Networks is used if you have a VA installed in your local network. The VAs learn the real/internal IP address of the client. This IP address can be used in Umbrella policies.
2. If you apply a policy based on the public IP address, all traffic from that network would potentially match that policy, not just your PC. Seeing as you have VAs deployed, the VA will learn you local IP address, so you can configure an Umbrella Policy based on your local internal IP address.
3. Yes, it will work for user policies...so long as the VAs are used to learn the internal IP address of the user.
06-23-2021 12:03 PM - edited 06-23-2021 12:03 PM
Thank you Rob for clarifying my doubt.
Regarding point 3
Should I have to add my Ad fetch users/groups in policies identity alongwith internal ip address or anyone would work.
06-23-2021 12:36 PM
Its cumulative, so if your specify AD Group + Network, then that Umbrella rule would apply to members of that AD group on that specific network. If the user is a member of the AD group but their IP address is not in the network, they won't match that specific rule.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide