Create a Generic Text Connector

This task discusses how to create an ad hoc list of IP addresses you maintain manually and retrieve at an interval you select (30 seconds by default). You can update the list of addresses anytime you want.

Before you begin

Create text files with IP addresses and put it on a web server that is accessible from the Security Cloud Control. IP addresses can include CIDR notation. The text file must have only one IP address per line.

For example, you might have a list of IP addresses for an "allow list" in access control rules and another list of IP addresses for a "block list" in access control rules.

You can specify up to 10,000 IP addresses per text file.

Note

Do not include a scheme (http:// or https://) in your IP addresses.

Procedure


Step 1

Log in to Security Cloud Control.

Step 2

Click Firewall.

Step 3

Click Administration > Dynamic Attributes Connector > Connectors.

Step 4

Do any of the following:

  • Add a new connector: click Add icon (add icon), then click the name of the connector.

  • Edit a connector: click Edit icon (edit icon).

  • Delete a connector: click Delete icon (delete icon).

Step 5

Enter the following information:

Item

Description

Name

Enter a name to identify the connector.

Description

(Optional.) Enter a description

Pull Interval

Change the frequency, in seconds, at which the dynamic attributes connector retrieves IP addresses from the text file. The default is 30 seconds.

The minimum value for Pull Interval is 1 second. You can set the maximum to any value you want. We recommend against setting the minimum to a low value because it can generate a lot of traffic, and, when applicable, can result in your being billed for the traffic.

URLs

Enter each URL from which to retrieve IP addresses, one URL per line.

Add another URL

(Optional.) Click the link to add more URLs to an existing list.

Certificate

(Optional.) If a certificate chain is required for a secure connection to the web server, you have the following options:

  • Click Get Certificate > Fetch to automatically fetch the certificate or, if that is not possible, get the certificate manually as discussed in Manually Get a Certificate Authority (CA) Chain.

  • Click Get Certificate > Browse from file to upload a certificate chain you downloaded previously.

Step 6

Click Test and make sure the test succeeds before you save the connector.

Step 7

Click Save.

Step 8

Make sure Ok is displayed in the Status column.