Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Import host from text file

Created: 22 Apr 2010 • Updated: 26 Apr 2010 | 7 comments
cmader's picture
4 Agree
1 Disagree
+3 5 Votes
Login to vote
Status: Reviewed

I would like the ability to import a listing of subnets into host groups so that I can use them in the firewall rules.  My current project is to block all of china's subnets and I am going to http://www.countryipblocks.net/ and selecting china and a list of subnets are presented to me in IP/NETMASK but I can't  manually add 1,000+ subnets into symantec New Host Group.  I would like to see a button in that screen that says import a file and end point will create the hosts for me.  Check out http://www.symantec.com/connect/forums/sep-firewall-rule-creationg 

Comments 7 CommentsJump to latest comment

cmader's picture

Or better yet a tool that can be run from the command line so that a batch file or custom application can be run to goto the website to download the subnets and then pass the subnets to the command line tool that will then insert them into SEP.

0
Login to vote
Jeremy Dundon's picture

This is a task that is better done by a perimeter firewall rather than a desktop based software firewall; Adding this functionality to SEP (or just adding 1000+ hosts to check via firewall rule) will slow down workstations and servers that it is applied to.

Perimeter firewalls (often physical devices rather than just software firewalls) have a built-in capacity to do just what you describe.

+1
Login to vote
cmader's picture

We do have a firewall but the problem i am facing is when users take their laptops home, i have no control over the sites to block and with all the website hijacking taking place and ads that re-direct to something that will infect their machine, i have to do something with knowing that performance may be effected.

0
Login to vote
Jeremy Dundon's picture

Good point. I overlooked laptops.

0
Login to vote
EnergySector's picture

Jeremy,

I have different requirements but am running into the same problem. We are trying to exempt False Positive IPS Port Scan Alerts. Since they are all coming from our DC I want to create a Host Group and add each of our DC's. We have just shy of 200 DC's and I do not understand how a import function is not available. We are a Enterprise Customer and the more I use SEP the more I realize it may not be up to the task of working in a Enterprise Environment where we have large amount of hosts and servers to work with.

When can we expect a TXT Import function in SEP?

0
Login to vote
blenahan's picture

This would be great, as we some extensive windows firewall exceptions that need to be opened.  It would take days to manually enter them one by one into the SEPM firewall policy.

_________________________________________________________________

Please remember to mark the thread 'SOLVED' with the answer that most helped you by choosing 'Mark As Solution' on the applicable answer

0
Login to vote
RHN's picture

Considering you can cut and paste IP's . Bulk entry would wonderful !!!

0
Login to vote