SecuReporter - Allow List

Zyxel_Claudia
Zyxel_Claudia Posts: 81  Zyxel Employee
Network Detective-New Adventure Badge Network Detective Badge First Comment Friend Collector

The Allow List feature in SecuReporter enhances security management by enabling administrators to specify trusted IP addresses that should not be flagged as threats. This is particularly useful for situations where legitimate services or applications are mistakenly flagged by the firewall’s reputation-based filtering. By adding these IPs to an allow list, users can avoid false positives and ensure uninterrupted access to essential services.

Key Benefits of the Allow List Feature

  1. Allow List Features Supported
    • IP Reputation
    • DNS Threat Filter
    • URL Threat Filter
  2. Customizable IP Management:
    • Administrators can manually add IP addresses to the allow list in SecuReporter to ensure they are not blocked by the firewall.
  3. Automatic Sync with Firewall:
    • The allow list entries in SecuReporter are automatically synchronized with the connected firewalls every 10 minutes.
    • This ensures that the latest allow list data is consistently updated across all devices without requiring manual intervention.
  4. Centralized Control:
    • All changes to the allow list are managed directly through SecuReporter, ensuring a unified control point for allowed IPs.
    • This prevents discrepancies and keeps the allow list configuration streamlined and centralized.

More Information

  1. Restriction on Firewall-Side Edits:
    • IP addresses added from SecuReporter are marked as coming from the allow list and cannot be edited or deleted directly from the firewall’s web GUI.
    • Any changes or deletions of allow list entries must be done through SecuReporter, ensuring consistent management and preventing accidental deletion.
  2. Removing IPs from the Allow List:
  3. Expiration and License Management:
    • If the SecuReporter license expires, the allow list is automatically cleared from the firewall, reverting IP reputation settings to default without any remaining allow list entries.
    • This ensures that allow list management remains centralized in SecuReporter and encourages timely renewal of the SecuReporter license for ongoing functionality.

The Allow List feature in SecuReporter offers administrators centralized, automated, and flexible control over IP reputation filtering, ensuring that trusted services remain accessible and operational without unnecessary interruptions.