Hello Barracuda NG Team
At the moment with DC agent it is only possible to filter out logon events from unwanted IPs or IP subnets.
DCAgent_IPFilter.jpg 27.43KB 0 downloads
In certain situations the reverse approach to send only logon events for one (or more) IP subnets would be more suitable. Great would be if this could even be combined with the requesting device/NG firewall.
- all DCs are located at the headquarter
- many NG firewalls with local Internet breakout in small sales offices (no local DC)
- user authentication for internet access and user based firewalling is required
In this setup it makes no sense to send all logon information from all locations to every NG firewall - better would be to send only the site specific logon events to the corresponding device.
The logon information of location A clients/IP subnet should only be sent to location A NG firewall.
The logon information of location B clients/IP subnet should only be sent to location B NG firewall, and so on ...
Please implement such a feature.
Thanks and Regards, Roland