Complete these tasks to manage or modify a location.

Search for a location

On the Location page, a search option is available to find locations. You can provide a search value such as the name, associated IP address or CIDR range, or the assigned policy.

📘
If you're a delegated or strict delegated administrator, this operation only finds the locations that you're allowed to access.

To search for a location:

In the Threat Protection menu of Enterprise Center, select Locations.
Click the search icon.
Enter a search term. A filtered list of locations appears based on the provided search term.

Assign a location policy

Complete this procedure to assign a policy to a location.

You can assign a separate policy for client traffic. For more information, see Override location policy for the client.

This procedure assumes that you are modifying an existing location. To create a new location, see Create a location.

To perform this task, you need to be an SIA administrator, delegated administrator, or tenant administrator. If you're a delegated or tenant administrator, you can modify the locations that you created or that you're allowed to access.

To assign a policy to a location:

In the Threat Protection menu of Enterprise Center, select Locations.
Hover over the location and click the edit icon.
Select a policy from the Location Policy menu.
Click the check mark icon to save the change.
Click Save or Save and Deploy.

Next steps

If you haven't deployed the location update, make sure you deploy it to the SIA network. For instructions see Deploy configuration changes.

Assign a policy to a sub-location

Complete this procedure to assign a new policy to a sub-location. In this procedure, you are modifying an existing sub-location.

To assign a policy as you create a sub-location, see Add a sub-location.

To assign a policy to a sub-location:

In the Threat Protection menu of Enterprise Center, select Locations.
Hover over the location and click the edit icon.
In the policy drop-down menu, select a policy.
Click the check mark icon to save the change.
Click Save or Save and Deploy.

Next steps:

If you haven't deployed the location update, make sure you deploy it to the SIA network. For instructions see Deploy configuration changes.

Override location policy for the client

You can select a policy that applies only to client traffic when it's on the corporate network. This policy overrides the location policy. To learn more about this feature, see Traffic from Clients.

This procedure assumes that you are modifying an existing location. To create a new location, see Create a location.

To assign a location client policy:

In the Threat Protection menu of Enterprise Center, select Locations.
Hover over a location and click the edit icon.
In the Override location policy for client menu, select a policy.
Click the check mark icon to save the change.
Click Save or Save and Deploy.

Next steps

If you haven't deployed the location update, make sure you deploy it to the SIA network. For instructions see Deploy configuration changes.

Allow or block traffic from unidentified IP addresses

You can select whether to allow or block traffic from unidentified IP addresses. In SIA, this location setting is reserved for users who are remote and make DNS requests from unexpected IP addresses that are not already associated with a location. By default, SIA is configured to allow traffic from unidentified IP addresses. However, SIA enforces a rate limit to requests that are made from this location.

📘
SIA does not resolve or log DNS requests with the ANY query type from locations with unidentified IP addresses.

To perform this task, you need to be an SIA administrator. If you're a delegated or strict delegated administrator, you can modify the locations that you created or that you're allowed to access.

To allow or block traffic from unidentified IP addresses:

In the Threat Protection menu of Enterprise Center, select Locations.
To block traffic from unidentified IP addresses, from the DNS traffic from unidentified setting at the top of the locations page, select Block.
To allow traffic from unidentified IP addresses, from the DNS traffic from unidentified locations setting, select Allow.
A confirmation message appears. Click Yes.
If you block traffic from unidentified IP addresses and you would like to allow traffic from a specific autonomous system number (ASN), see Configure ASN exceptions.

Next steps

Deploy configuration changes

Configure ASN exceptions

If you block traffic from unidentified locations, you can configure exceptions based on an autonomous system number (ASN). Traffic associated with an ASN exception is allowed.

To configure ASN exceptions:

In the Threat Protection menu of Enterprise Center, select Locations.
If the block action for the DNS traffic from unidentified locations setting was selected, the Except from ASN setting is available at the top of the locations page.
In the Except from ASN setting, click the text box and in the windows that appears, enter an ASN or multiple ASNs. Press Enter.
Click Save. A window appears to deploy this update.
Click Deploy.

Create and modify locations with CSV files

Enterprise Threat Protector allows administrators to bulk edit locations and associated IP addresses with CSV files. Administrators can download and upload CSV files for these updates.

📘
You cannot edit or modify sub-locations with CSV files.

You can add more than one location at a time by uploading a CSV file with location information already configured in the file, such as the location name and the associated IP address or CIDR ranges. SIA offers a template file that you can download to configure these settings in the required format.

With these other CSV files and options, you can:

Download all locations in a CSV file. This file allows you to view the settings associated with locations across your organization.
Delete locations. You can upload a CSV that contains locations you want to delete. This action allows you to easily delete multiple locations at once. You can list locations that you want to delete in the downloaded template file or you can modify a CSV file that contains all locations.
View locations with invalid DNS. If the dynamic DNS feature is enabled for an SIA configuration location, you can also download a spreadsheet that shows DNS errors or the locations that resolve to invalid IP addresses.

Download CSV with all locations

You can download a CSV that contains all locations. This CSV file allows you to view the settings associated with all locations.

If you need to delete many locations at once, you can download the CSV with all locations, modify it, and then upload the modified CSV for the delete operation. To delete multiple locations, see Delete locations with a CSV file.

To perform this task, you need to be an SIA administrator.

To download CSV with all locations:

In the Threat Protection menu of Enterprise Center, select Locations. Click the icon.
Select Download all locations as CSV file.

Download the locations CSV template file

If you want to create more than one location at a time, SIA offers a CSV template file that you can download and modify with location information.

To perform this task, you need to be an SIA administrator.

To download the locations CSV template file:

In the Threat Protection menu of Enterprise Center, select Locations. Click the icon.
Select Download CSV demo file. You can find the file wherever your browser saves downloaded files.

Next steps

Modify the CSV template file with the locations you want to add. For instructions, see Modify the CSV template file.
Add locations with the CSV file and upload the file to SIA. For instructions, see Add new locations with a CSV file.

Modify the CSV template file

To modify the CSV template file you downloaded from SIA:

Locate the CSV template file you downloaded and open the file. See Download the locations CSV template file.
In the Name column, enter the location name. Placeholder text is provided in the first four rows of the CSV. Replace "Location Name" with the name of the location you want to add.
If you want to associate a policy to the location, in the Policy name column, enter the name of the policy. If you do not assign a policy, the default policy is assigned. In SIA, the default policy may be called Default or Unidentified Location Policy. However, an administrator can also modify the name of the default policy.
In the IP/CIDR column, replace "CIDR1" with the IP address or CIDR block that you want to associate with the location. Make sure that you enter the IP address or CIDR block in this format

IPAddress/n

where:
- IPAddress is the IPv4 or IPv6 address.
- n is the bit prefix. The maximum CIDR block for IPv4 is /16 and for IPv6 it is /48.
If you want to add more than one IP address or CIDR block, add each entry to a column that follows.

If your organization uses dynamic DNS, you can also replace "CIDR1," "CIDR2," "CIDR3," "CIDR4," and "CIDRN" with domains.
Complete steps 2 to 4 for all the locations that you want to add.
If you did not replace any of the placeholder text, make sure that you remove the original placeholder text in rows for the location name, policy ID, and CIDR. For example, make sure you remove text like "Policy ID4" or "CIDR4."
Save the CSV file.

Next steps

Add new locations with a CSV file.

Add new locations with a CSV file

Before you begin

Modify the CSV template file.

You can add new locations by uploading a CSV file that contains the location information. SIA offers a template file that you can download and modify for this purpose. To download the CSV template file, see Download the locations CSV file.

To perform this task, you need to be an SIA administrator.

To add new locations with a CSV file:

In the Threat Protection menu of Enterprise Center, select Locations. Click the icon.
Select Add new locations via CSV file.
Locate and select the file.
If an error occurs and a location cannot be added, a CSV automatically downloads with the locations that generated errors. Complete these steps:
1. Open the CSV to view the errors.
2. Correct the location information. You can add these entries to a new template file or you can modify the CSV with errors. To correct a location configuration in the CSV with errors, remove the Error Message column and use the remaining columns to add or edit the IP addresses, CIDR blocks, or domains for each location that generated errors.
3. Save the CSV file.
4. Complete step 2 and 3 to upload the CSV file to SIA.

Next steps

After adding new locations with the CSV file, you need to deploy these configuration changes to the SIA network. For instructions see Deploy configuration changes.

Delete locations with a CSV file

You can upload a CSV file that contains the locations you want to delete. This task allows you to delete multiple locations at once. You can include the locations that you want to delete in a template file or you can modify a CSV file that contains all locations.

To perform this task, you need to be an SIA administrator.

To delete locations with a CSV file:

Create a CSV file with the locations you want to delete or download a CSV file:
- To create a CSV, open a spreadsheet and go to step 2.
- To download the locations template file, see Download the locations CSV template file.
- To download all locations in a CSV file, see Download CSV with all locations.
Modify the CSV file to include the locations that you want to delete. Note these conditions:
- If you're modifying the CSV file with all locations, remove the rows in the spreadsheet for the locations that you do not want to delete.
- If you're creating a spreadsheet, make sure the first three columns include location name, description, and policy name. This information needs to be entered in separate columns. For example, the first column should contain the location name, the second column should contain the description, while the third column should contain the policy name. The columns that follow can contain the associated IP addresses, CIDR blocks, or if your organization uses dynamic DNS, the associated domains.
Save the CSV file.
Upload the CSV file:
1. In the Threat Protection menu of Enterprise Center, select Locations. Click the icon.
2. Select Delete locations via CSV file.
3. Locate and select the CSV file that you created or modified.

Next steps

Deploy these configuration changes to the SIA network. For instructions see Deploy configuration changes.

Download a CSV with invalid DNS locations

If you've configured dynamic domains for a location, you can download a CSV file that shows which locations are configured with invalid domains. These domains may resolve to IP addresses where no response was detected or the resolved IP addresses are restricted or reserved. To correct these issues, you can update dynamic DNS entries with your dynamic DNS provider or you modify the location configuration.

To download a CSV with invalid DNS locations:

In the Enterprise Center navigation menu, select Locations. Click the icon.
Select Download locations with invalid DNS as CSV file. If the CSV does not automatically open, you can find the file wherever your browser saves downloaded files.

To correct these errors:
- Modify the settings associated with the individual locations.
- Use this CSV file to delete locations with invalid DNS entries and upload a new CSV file with the corrected location configurations. To do this, complete steps 3 and 4.
To delete the locations that produced errors:
1. Click the icon and select Delete locations via CSV file.
2. Locate the CSV file that you downloaded with invalid DNS entries.
To create new locations with the correct DNS settings:
1. Click the icon and select Download CSV demo file.
2. Modify the template file. For more information, see Modify the CSV template file.
3. Add new locations with the CSV file. For more information, see Add new locations with a CSV file.

Next steps

If you deleted and created new locations, deploy these configuration changes to the SIA network. For instructions see Deploy configuration changes.