Making Additional Customizations › Set Up Application Mapping › Create a Subnet Application Mapping Rule

Create a Subnet Application Mapping Rule

Create a Subnet application mapping rule to combine, separate, or more clearly identify traffic that originates from a particular subnet and mask. For example, a Subnet rule can enable reports to show the total traffic for an application.

Follow these steps:

1. Open the Application Definitions page:
   1. Select Administration from the NFA console menu.

      The Administration page opens.

   2. Select Application Definitions in the Administration menu.

      The Application Definitions page opens.

2. Verify that Application Mapping is the selected value for Rules.
3. Click Add Rule.

   The Add Application Mapping dialog opens.

4. Verify that Subnet is selected as the rule type at the top of the dialog. (Subnet is selected by default.)

   The Add Application Mapping dialog displays the options for a Subnet application mapping rule.

5. Specify values for the following settings:
   • Subnet: IP address of the data source, expressed in dotted decimal format. To specify a subnet that matches all addresses, use 0.0.0.0/0 as the subnet and mask.
   • Mask: Mask to apply to the subnet.
   • Protocol: Protocol of the data that is affected by the rule, either TCP or UDP
   • Start Port: Beginning of the port range for collected data, expressed in Base 10 decimal format. The Start Port is included in the port range. The maximum port value that is allowed is 65535.
   • End Port: Last port in the range to use for collecting data. The End Port is included in the port range.
   • Destination Port: Target port that collects the mapped data

     If you specify a destination port that is already used by other rules, the traffic for the related rules will be combined.

   • (Optional) Click Check to run a general check to detect whether the specified port is already receiving data. The check fails if the port is receiving native data--that is, data that is not mapped by application mapping rules. If any native data is on the specified destination port, that data is redirected to the rebase port.
   • Name: Identifier for the rule as it is listed on the Application Definitions page

     The rule name also is the label for the mapped traffic in certain reports. If other rules map traffic to the same destination port that you specify for this rule, specify the name that you want to use for the combined traffic.

   • Description: (Optional) Additional descriptive text to identify the rule type and its use, which is displayed only on the Application Definitions page
6. Click Save.

   The dialog closes. The new rule is added to the Application Mapping rule list. If any other rules map traffic to the same port and you specified a new rule name, the other rule names are updated.

7. (Optional) Run reports to verify that the traffic on the designated destination port fits the rule.
8. (Optional) Review the effects of the new or changed application mapping rules on reports, then consider renaming the rule to label the mapped traffic more clearly in reports.