Available in: Policy > Network Objects


When creating network objects you need to define their network allocation by assigning them to the Internal or External network.


The network allocation in network objects.


Both, the Internal and External networks are basically superordinate network objects, i.e. they contain the network objects assigned to them. They are hard-coded and cannot be changed. You can assign network objects to them as required by your network setup.


The Internal and External networks can be used as source and destination networks in rules just like any other network object (see also Network Objects and Blocking TCP Port Scanners for an example that uses a network object in rules).


Regarding asset tracking, Threat Defender does not create asset database entries for hosts located in the External network but only for hosts in the Internal network.

Note that we provide a preset static network object for the private IP address ranges that is already labeled as Internal by default. You can use or adapt it as required.


Important: The Internal and External networks do not refer to your network settings of the Management Interface. Threat Defender will NOT interpret the entered network configuration as internal and all others as external.