Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1114
Views
0
Helpful
3
Replies

How to change the geolocation of a subnet in FiresIGHT

guillerm
Level 1
Level 1

‎09-02-2015 09:05 AM - edited ‎03-10-2019 06:26 AM

hello,

some of our internal networks are historically based on public IP subnets ;

we use ASA + FirePOWER+FireSIGHT solution,

and, so, FireSIGHT automatically, but incorrectly associates these internal subnets with the national flag of different countries based on its owns Geolocation database : this is visible in the different FireSIGHT dashboards and reports ;

There is a way in FireSIGHT to create new Geolocation Objects to group different regions or countries under a single logical name;

but it does not seem to exist an option that would allow to indicate that those internal subnets are not real public ones on Internet but local subnets;

 

Any idea ?

 

thanks in advance

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-03-2015 05:50 PM

If you customize the HOME_NET variable and exclude those private networks from your EXTERNAL_NETS object under Object management, that should fix the mis-identification.

0 Helpful

guillerm
Level 1
Level 1
In response to Marvin Rhoads

‎10-12-2015 04:01 AM

Hello Marvin,

I tried your solution but this did not change the problem ...

any other suggestion ?

thanks

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to guillerm

‎10-12-2015 05:46 AM

I'd suggest opening a TAC case.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card