Endpoint Trusted Network Configuration

INTRODUCTION

Dualog Endpoint protects all devices against traffic from unknown devices. Sometimes this causes network services to fail - e.g. if you try to connect to a computer using Remote Desktop or Windows File Sharing.

To allow communication between devices - for instance in the business network on a ship - the network must be marked as “trusted”. When a network is marked as trusted, Dualog Endpoint allows all traffic that would otherwise be allowed in the Windows Firewall to be allowed.

CONFIGURE TRUSTED NETWORKS

There are two ways of configuring networks as trusted in Dualog Endpoint:

  1. Manually configuring one network as trusted
  2. Automatically configuring all networks according to a network mask

MANUALLY CONFIGURING NETWORK AS TRUSTED

If you manually want to configure a network as trusted in Dualog Endpoint, you can do so using the “Network” tab on the apps-portal.

 

Trusted-Network-Manual-Config.gif

Inside the network portal, select the ship you want to configure.

Trusted-Network-Trusted-Network.gif

Finally, to configure the network as trusted, click the three-dot menu to the right of the network you want to configure and slide the “Trusted network” slider.

Trusted-Network-Enable.gif

AUTOMATICALLY CONFIGURE TRUSTED NETWORKS

If the fleet has a standardised network configuration, you can configure a default trusted network that will automatically be applied to new ships that are installed. This is handy if you don’t want to have to manually configure the networks for each new installation.

To configure a new trusted network, go to the “Configurations” tag in the apps-portal:

Default-Trusted-Network-Tab.gif

Scroll down to the “Trusted Networks” area of the configuration page and click “Add network”. Specify a network mask and click “Save”. See “Network Specification” below for details on the network mask:

Default-Trusted-Network-Config-Area.gif

When you have created the trusted network zone, all new networks that match the network mask specified will automatically be trusted. Existing networks are not modified - but you may run a manual sync by clicking the “Sync”-button.

Default-Trusted-Network-Config-Area.gif

To see what networks are covered by the network mask, you can click the “List”-button:

Default-Trusted-Network-Config-Area.gif

Network Mask Specification

Network masks are specified using the first IP address (called the network address) of a range, and a bit-value. The bit value specifies the size of the network.

Common network mask examples are:

Network IP Bit Range
10.0.0.0 8 10.0.0.1-10.255.255.255
172.16.0.0 24 172.16.0.1-172.16.0.255
192.168.0.0 16 192.168.0.1-192.168.255.255
192.168.1.0 24 192.168.1.1-192.168.1.255

 

All networks that match will be covered. If you specify the mask 10.0.0.0/8, the networks “10.0.1.0/24” and “10.1.0.0/24” will also be set to trusted.

Note: If you specify the network mask 0.0.0.0 / 0, all networks will be marked as trusted.

VALIDATE CONFIGURATION ON A CLIENT

After the network is configured to trusted in the portal, the service start updating all the installations in that network. Note that this could take up to 10-15 minutes.

To validate that trusted network settings are applied you can inspect the settings of one of the clients in the network. In the client’s ESET Endpoint software, go to “Setup” → “Advanced Setup” → “Network Protection” → “Zones” and click “View”.

If everything is OK, you should see the trusted network listed in the top setting.

 

Trusted-Network-Validate-Client_1_.gif

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.