Manage a location

Complete these tasks to manage or modify a location.

Search for a location

On the Location page, a search option is available to find locations. You can provide a search value such as the name, associated IP address or CIDR range, or the assigned policy.

📘

If you're a delegated or strict delegated administrator, this operation only finds the locations that you're allowed to access.

To search for a location:

  1. In the Threat Protection menu of Enterprise Center, select Locations > Locations.

  2. Click the search icon.

  3. Enter a search term. A filtered list of locations appears based on the provided search term.

Assign a policy to a location

In addition to assigning a policy to a location from the Create Location or Edit Locations pages, you can also assign a policy to a location from the Locations page. You can assign only one policy to a location.

To perform this task, you need to be an ​SIA​ administrator, delegated administrator, or tenant administrator. If you're a delegated or tenant administrator, you can modify the locations that you created or that you're allowed to access.

To assign a policy to a location:

  1. In the Threat Protection menu of Enterprise Center, select Locations > Locations.

  2. Go to the location and click the chain icon.

  3. Select a policy from the menu.

  4. Click Yes to confirm the policy assignment.

Next steps

Deploy the location configuration change to the ​SIA​ network. For instructions see Deploy configuration changes.

Allow or block traffic from unidentified IP addresses

You can select whether to allow or block traffic from unidentified IP addresses. In ​SIA​, this location setting is reserved for users who are remote and make DNS requests from unexpected IP addresses that are not already associated with a location. By default, ​SIA​ is configured to allow traffic from unidentified IP addresses. However, ​SIA​ enforces a rate limit to requests that are made from this location.

📘

​SIA​ does not resolve or log DNS requests with the ANY query type from locations with unidentified IP addresses.

To perform this task, you need to be an ​SIA​ administrator. If you're a delegated or strict delegated administrator, you can modify the locations that you created or that you're allowed to access.

To allow or block traffic from unidentified IP addresses:

  1. In the Threat Protection menu of Enterprise Center, select Locations > Locations.

  2. To block traffic from unidentified IP addresses, from the DNS traffic from unidentified setting at the top of the locations page, select Block.

  3. To allow traffic from unidentified IP addresses, from the DNS traffic from unidentified locations setting, select Allow.

  4. A confirmation message appears. Click Yes.

Next steps

Deploy configuration changes

Create and modify locations with CSV files

Enterprise Threat Protector allows administrators to bulk edit locations and associated IP addresses with CSV files. Administrators can download and upload CSV files for these updates.

📘

You cannot edit or modify sub-locations with CSV files.

You can add more than one location at a time by uploading a CSV file with location information already configured in the file, such as the location name and the associated IP address or CIDR ranges. ​SIA​ offers a template file that you can download to configure these settings in the required format.

With these other CSV files and options, you can:

  • Download all locations in a CSV file. This file allows you to view the settings associated with locations across your organization.

  • Delete locations. You can upload a CSV that contains locations you want to delete. This action allows you to easily delete multiple locations at once. You can list locations that you want to delete in the downloaded template file or you can modify a CSV file that contains all locations.

  • View locations with invalid DNS. If the dynamic DNS feature is enabled for an ​SIA​ configuration location, you can also download a spreadsheet that shows DNS errors or the locations that resolve to invalid IP addresses.

Download CSV with all locations

You can download a CSV that contains all locations. This CSV file allows you to view the settings associated with all locations.

If you need to delete many locations at once, you can download the CSV with all locations, modify it, and then upload the modified CSV for the delete operation. To delete multiple locations, see Delete locations with a CSV file.

To perform this task, you need to be an ​SIA​ administrator.

To download CSV with all locations:

  1. In the Threat Protection menu of Enterprise Center, select Locations > Locations. Click the IMAGE_STUB icon.

  2. Select Download all locations as CSV file.

Download the locations CSV template file

If you want to create more than one location at a time, ​SIA​ offers a CSV template file that you can download and modify with location information.

To perform this task, you need to be an ​SIA​ administrator.

To download the locations CSV template file:

  1. In the Threat Protection menu of Enterprise Center, select Locations > Locations. Click the IMAGE_STUB icon.

  2. Select Download CSV demo file. You can find the file wherever your browser saves downloaded files.

Next steps

  1. Modify the CSV template file with the locations you want to add. For instructions, see Modify the CSV template file.

  2. Add locations with the CSV file and upload the file to ​SIA​. For instructions, see Add new locations with a CSV file.

Modify the CSV template file

To modify the CSV template file you downloaded from ​SIA​:

  1. Locate the CSV template file you downloaded and open the file. See Download the locations CSV template file.

  2. In the Name column, enter the location name. Placeholder text is provided in the first four rows of the CSV. Replace "Location Name" with the name of the location you want to add.

  3. If you want to associate a policy to the location, in the Policy name column, enter the name of the policy. If you do not assign a policy, the default policy is assigned. In ​SIA​, the default policy may be called Default or Unidentified Location Policy. However, an administrator can also modify the name of the default policy.

  4. In the IP/CIDR column, replace "CIDR1" with the IP address or CIDR block that you want to associate with the location. Make sure that you enter the IP address or CIDR block in this format

    IPAddress/n

    where:

    • IPAddress is the IPv4 or IPv6 address.

    • n is the bit prefix. The maximum CIDR block for IPv4 is /16 and for IPv6 it is /48.

    If you want to add more than one IP address or CIDR block, add each entry to a column that follows.

    If your organization uses dynamic DNS, you can also replace "CIDR1," "CIDR2," "CIDR3," "CIDR4," and "CIDRN" with domains.

  5. Complete steps 2 to 4 for all the locations that you want to add.

  6. If you did not replace any of the placeholder text, make sure that you remove the original placeholder text in rows for the location name, policy ID, and CIDR. For example, make sure you remove text like "Policy ID4" or "CIDR4."

  7. Save the CSV file.

Next steps

Add new locations with a CSV file.

Add new locations with a CSV file

Before you begin

Modify the CSV template file.

You can add new locations by uploading a CSV file that contains the location information. ​SIA​ offers a template file that you can download and modify for this purpose. To download the CSV template file, see Download the locations CSV file.

To perform this task, you need to be an ​SIA​ administrator.

To add new locations with a CSV file:

  1. In the Threat Protection menu of Enterprise Center, select Locations > Locations. Click the IMAGE_STUB icon.

  2. Select Add new locations via CSV file.

  3. Locate and select the file.

  4. If an error occurs and a location cannot be added, a CSV automatically downloads with the locations that generated errors. Complete these steps:

    1. Open the CSV to view the errors.

    2. Correct the location information. You can add these entries to a new template file or you can modify the CSV with errors. To correct a location configuration in the CSV with errors, remove the Error Message column and use the remaining columns to add or edit the IP addresses, CIDR blocks, or domains for each location that generated errors.

    3. Save the CSV file.

    4. Complete step 2 and 3 to upload the CSV file to ​SIA​.

Next steps

After adding new locations with the CSV file, you need to deploy these configuration changes to the ​SIA​ network. For instructions see Deploy configuration changes.

Delete locations with a CSV file

You can upload a CSV file that contains the locations you want to delete. This task allows you to delete multiple locations at once. You can include the locations that you want to delete in a template file or you can modify a CSV file that contains all locations.

To perform this task, you need to be an ​SIA​ administrator.

To delete locations with a CSV file:

  1. Create a CSV file with the locations you want to delete or download a CSV file:

  2. Modify the CSV file to include the locations that you want to delete. Note these conditions:

    • If you're modifying the CSV file with all locations, remove the rows in the spreadsheet for the locations that you do not want to delete.

    • If you're creating a spreadsheet, make sure the first three columns include location name, description, and policy name. This information needs to be entered in separate columns. For example, the first column should contain the location name, the second column should contain the description, while the third column should contain the policy name. The columns that follow can contain the associated IP addresses, CIDR blocks, or if your organization uses dynamic DNS, the associated domains.

  3. Save the CSV file.

  4. Upload the CSV file:

    1. In the Threat Protection menu of Enterprise Center, select Locations > Locations. Click the IMAGE_STUB icon.

    2. Select Delete locations via CSV file.

    3. Locate and select the CSV file that you created or modified.

Next steps

Deploy these configuration changes to the ​SIA​ network. For instructions see Deploy configuration changes.

Download a CSV with invalid DNS locations

If you've configured dynamic domains for a location, you can download a CSV file that shows which locations are configured with invalid domains. These domains may resolve to IP addresses where no response was detected or the resolved IP addresses are restricted or reserved. To correct these issues, you can update dynamic DNS entries with your dynamic DNS provider or you modify the location configuration.

To download a CSV with invalid DNS locations:

  1. In the Enterprise Center navigation menu, select Locations > Locations. Click the IMAGE_STUB icon.

  2. Select Download locations with invalid DNS as CSV file. If the CSV does not automatically open, you can find the file wherever your browser saves downloaded files.

    To correct these errors:

    • Modify the settings associated with the individual locations.

    • Use this CSV file to delete locations with invalid DNS entries and upload a new CSV file with the corrected location configurations. To do this, complete steps 3 and 4.

  3. To delete the locations that produced errors:

    1. Click the IMAGE_STUB icon and select Delete locations via CSV file.

    2. Locate the CSV file that you downloaded with invalid DNS entries.

  4. To create new locations with the correct DNS settings:

    1. Click the IMAGE_STUB icon and select Download CSV demo file.

    2. Modify the template file. For more information, see Modify the CSV template file.

    3. Add new locations with the CSV file. For more information, see Add new locations with a CSV file.

Next steps

If you deleted and created new locations, deploy these configuration changes to the ​SIA​ network. For instructions see Deploy configuration changes.