Configure your internal network parameters, trusted networks, and external IP ranges to help Cortex Cloud identify and map your network assets.
Network asset visibility is an investigative tool for discovering rogue devices and preventing malicious activity within your environment. By defining your network boundaries, you reduce the amount of manual research required to distinguish between managed and unmanaged assets, identify internal assets, and monitor data communications moving in and out of your network.
Configure network parameters
Navigate to → → to define the boundaries of your organization's network. The configuration page allows you to set:
By default, Cortex Cloud automatically populates private network ranges based on industry-approved reserved ranges. To define custom internal ranges, click Add New Range. You can manually enter a name and IP address, range, or CIDR notation, or you can upload a CSV file.
Note
You can add a new range that is fully contained within an existing range, but you cannot add a new range that partially intersects with another.
Notice
This feature is included with the Attack Surface Management (ASM) add-on.
All external IPv4 and IPv6 address ranges that Cortex Cloud has discovered through ASM scans and attributed to your organization are listed here, including details such as the first/last IP address, active responsive IPs count, and ASN handles.
Internal domain suffixes are DNS domain suffixes that are used within your internal network. Adding your domains here allows Cortex Cloud to use them for analytics engine profiling. Click +Add to enter a new domain suffix to your domains list.
You can define networks that are considered safe or authorized within your environment. To add a trusted network, click Add trusted network. You can manually provide a name, optional description, and the CIDR block or you can upload a CSV file to bulk import multiple networks.