Manage IP Addresses

In this topic:

    In this section of the Dome9 console you can see all the IP addresses that have been allocated to your cloud resources, and see which rules (security groups) reference or affect them. This includes both internal and external (elastic) IP addresses. You can also label addresses, and classify them according to their logical location in the network (external, internal, DMZ). You see these labels and classifications when you view your VPC with Clarity (see Clarity).

    You can also define lists of IP addresses. You can apply a Security Group policy to the list, instead of applying it individually to each address.

    Benefits

    With the console view, you can see all your IP addresses at a glance, and see the rules that reference each address.

    When you attach a label to an address, you make it easier to identify in the Clarity view of your network.

    Similarly, you can easily group addresses into lists from the console, and apply security policies on lists, This makes it easier to apply policies, and reduces the possibility of error.

    Use-cases

    Typical use-cases for managing IP addresses from the Dome9 console are:

    • Identify IP addresses used in a VPC, or determine to which VPC an address is related.

    • Associate IP addresses with a list

    • Review the security rules associated with an IP address or group of addresses

     
     

    Actions

    View IP addresses

    You can see a list of all your IP addresses, across all cloud providers and accounts, and you can view details for a selected address.

    1. Select from the Network Security menu. A list of all IP addresses is shown, for all your VPCs on all your accounts.

    2. Click on an IP Address to show more details.

     

    Classify an IP address

    Dome9 classifies IP addresses as either Internal (to the VGC network), External (accessible from the internet through an internet gateway), or DMZ (partially accessible). This classification is shown in the Clarity visualization of your VGC network (see Clarity). You can classify each of your IP addresses.

    1. Select an IP address in the list, to open the details view for it.

    2. Click .

    3. In the pop-up, enter a name for the address (this will appear in the list, and in the Clarity display), and select a classification.

    4. If the address already has a classification, click to modify it, or to delete it.

      In the Clarity view of your VPC, you will see the IP address in the selected classification, with then name it was assigned:

     

    Define IP Lists

    IP lists are groups of IP addresses. You can apply a security group (rule) to an IP list instead of applying the rule to each IP addresses individually.

    1. Select from the Network Security menu. A list of all IP Lists will be shown.

    2. Click  to add a new list, or select one of the lists shown on the left, to show a list of the IP addresses included in it (on the right).

    3. Enter new IP addresses in the box, and click . Click SAVE when done.

    4. Click  to remove an IP addresses from a list. Click to delete a list; the IP addresses in the list are not deleted.

     
     

    See also

    Clarity