Subnet View Permissions
You can assign permissions to the new or existing user groups to view traffic related to specific network subnets in Sessions, Threats, and C2 pages in the Analysis pages and on the Dashboard.
User groups are only permitted to view session data which fall within the subnets to which they have been assigned. In order to prevent a user group being able to see sessions that they are not authorized to view, subnet permissions must be granted explicitly. Subnet Permissions are required to define a group's command and control (C2) event visibility. Empty values for subnet view permissions will result in users within that group being unable to see any sessions data. User groups should be assigned at least a single VLAN or subnet group. To grant a user group full subnet view permissions, add 0.0.0.0/0 to that user group on subnet view permissions tab.
Note: Adding localhost (127.0.0.1) to a group cidr range will allow users within that group to view any files or pcaps manually uploaded to they system
New User Group
- Click Authentication > User Groups > New Group. The Add Group page appears.
- Type the name and description for the user group, select an existing policy, and then click Save.
- Click the Subnet View Permissions tab.
- Type the required network subnets (one at a time) for which the user groups can view network traffic on the relevant Analysis pages and the Dashboard, and click Add.
- After adding all subnets, click Save.
Existing User Groups
- In Authentication > User Groups, click View corresponding to the user group you want to assign subnet view permissions. The Edit Group page appears.
- Click the Subnet View Permissions tab.
- Type the required network subnets (one at a time) for which the user groups can view network traffic on the relevant Analysis pages and the Dashboard, and click Add.
- After adding all subnets, click Save.
Note: When VLAN permissions are enabled, subnet view permissions apply only to the C2 page in the Analysis menu.