Ensuring that internal traffic is not logged

Network Agent is generally configured to ignore traffic between machines in your network, and monitor only traffic that leaves your network (Internet requests). To do this, Network Agent needs to know which machines are part of your network.

Steps

  1. Go to the Settings > Network Agent > Global page in the Web module of the Security Manager.
  2. Check the IP address ranges listed in the Ignore Internal Traffic list.
    • Click an IP address or range to edit it.
    • Click Add to add missing IP addresses or ranges to the list.
    • Click Delete to remove entries.
    • If the client machines whose traffic you don’t want logged do not have a static IP address, ensure that they reside in a DHCP range that can be added to this list.

    Network Agent ignores traffic between these machines, monitoring only traffic that leaves the defined network.

  3. If you want to monitor, block, or permit traffic to some internal machines, add those IP addresses to the Internal Traffic to Monitor list.
    • By default, this traffic is both monitored and logged.
    • If you want to be able to block traffic to these machines, but don't want the blocked requests logged, you can configure that later.
  4. When you are finished making changes, click OK, and then click Save and Deploy to implement the change.
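
The check in step 2 can be done offline against a client inventory. The following Python sketch is an added example, not part of the product or its documentation: it reports which parts of each DHCP scope or static address are not covered by the Ignore Internal Traffic list. It assumes the list entries have been typed in by hand as single addresses, CIDR blocks, or start-end ranges (a notation chosen for this example), and all sample values are constructed.

```python
import ipaddress

def parse_entry(entry):
    """Return (first, last) as ints for 'a.b.c.d', 'a.b.c.d/nn' or 'a.b.c.d-e.f.g.h'."""
    if "-" in entry:
        lo, hi = (int(ipaddress.IPv4Address(p.strip())) for p in entry.split("-", 1))
        if lo > hi:
            raise ValueError(f"range start is after range end: {entry}")
        return lo, hi
    net = ipaddress.IPv4Network(entry.strip(), strict=False)
    return int(net.network_address), int(net.broadcast_address)

def merge(ranges):
    """Merge overlapping or adjacent (first, last) ranges into a sorted list."""
    merged = []
    for lo, hi in sorted(ranges):
        if merged and lo <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], hi)
        else:
            merged.append([lo, hi])
    return merged

def uncovered(entry, ignore_list):
    """Return the parts of `entry` that no ignore-list entry covers."""
    lo, hi = parse_entry(entry)
    gaps = []
    for m_lo, m_hi in merge(parse_entry(e) for e in ignore_list):
        if m_hi < lo:
            continue          # ignore range ends before the client range starts
        if m_lo > hi:
            break             # ignore range starts after the client range ends
        if m_lo > lo:
            gaps.append((lo, m_lo - 1))
        lo = m_hi + 1         # everything up to m_hi is now accounted for
    if lo <= hi:
        gaps.append((lo, hi))
    ip = ipaddress.IPv4Address
    return [str(ip(a)) if a == b else f"{ip(a)}-{ip(b)}" for a, b in gaps]

# Constructed sample data, typed in by hand from the Ignore Internal Traffic list.
IGNORE_LIST = ["10.0.0.0/8", "192.168.1.10-192.168.1.99", "192.168.1.100-192.168.1.200"]
# Constructed client inventory: DHCP scopes and static addresses.
CLIENTS = ["10.20.0.0/16", "192.168.1.50-192.168.1.220", "172.16.5.7"]

if __name__ == "__main__":
    for client in CLIENTS:
        print(client, "->", uncovered(client, IGNORE_LIST) or "covered")
```

Any range it reports is a candidate for the Add button in step 2; traffic between machines in an uncovered range is not ignored.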

Next steps

If you are managing traffic to one or more of your internal machines, add the IP addresses of those machines (or the URLs used to access the machines) to a custom category. Then, use the Settings > General > Logging page to exclude the custom categories from logging (see Excluding categories from logging).