Dualog Endpoint protects all devices against traffic from unknown devices. Sometimes this causes network services to fail - e.g. if you try to connect to a computer using Remote Desktop or Windows File Sharing.
To allow communication between devices - for instance in the business network on a ship - the network must be marked as “trusted”. When a network is marked as trusted, Dualog Endpoint allows all traffic that would otherwise be allowed in the Windows Firewall to be allowed.
CONFIGURE TRUSTED NETWORKS
There are two ways of configuring networks as trusted in Dualog Endpoint:
- Manually configuring one network as trusted
- Automatically configuring all networks according to a network mask
MANUALLY CONFIGURING NETWORK AS TRUSTED
If you manually want to configure a network as trusted in Dualog Endpoint, you can do so using the “Network” tab on the apps-portal.
Inside the network portal, select the ship you want to configure.
Finally, to configure the network as trusted, click the three-dot menu to the right of the network you want to configure and slide the “Trusted network” slider.
AUTOMATICALLY CONFIGURE TRUSTED NETWORKS
If the fleet has a standardised network configuration, you can configure a default trusted network that will automatically be applied to new ships that are installed. This is handy if you don’t want to have to manually configure the networks for each new installation.
To configure a new trusted network, go to the “Configurations” tag in the apps-portal:
Scroll down to the “Trusted Networks” area of the configuration page and click “Add network”. Specify a network mask and click “Save”. See “Network Specification” below for details on the network mask:
When you have created the trusted network zone, all new networks that match the network mask specified will automatically be trusted. Existing networks are not modified - but you may run a manual sync by clicking the “Sync”-button.
To see what networks are covered by the network mask, you can click the “List”-button:
Network Mask Specification
Network masks are specified using the first IP address (called the network address) of a range, and a bit-value. The bit value specifies the size of the network.
Common network mask examples are:
All networks that match will be covered. If you specify the mask 10.0.0.0/8, the networks “10.0.1.0/24” and “10.1.0.0/24” will also be set to trusted.
Note: If you specify the network mask 0.0.0.0 / 0, all networks will be marked as trusted.
VALIDATE CONFIGURATION ON A CLIENT
After the network is configured to trusted in the portal, the service start updating all the installations in that network. Note that this could take up to 10-15 minutes.
To validate that trusted network settings are applied you can inspect the settings of one of the clients in the network. In the client’s ESET Endpoint software, go to “Setup” → “Advanced Setup” → “Network Protection” → “Zones” and click “View”.
If everything is OK, you should see the trusted network listed in the top setting.