Customize matrix topology

To customize the matrix topology:

  1. View the desired matrix. For more details, see View AFA matrix data.

    Note: You can perform this procedure in either the Overview or Reports tab.

  2. Click Topology.

    Note: If you do not have the necessary permissions for customizing the topology, this button is disabled.

    The Topology page appears.

    This page includes a connectivity diagram that shows the matrix's multi-tiered topology, with color coding designating external (red), internal (blue) or DMZ (orange) zones.

    The table on the right lists all of the zones in the matrix, their types, and the devices to which they are connected.

  3. To change a zone's type, do the following:
    1. Locate the desired zone in the table's Zone column.

    2. In the zone's row, in the Type column, select the zone's type.

      This can be any of the built-in types (EXTERNAL, INTERNAL, or DMZ) or a custom zone type. For more details, see Customize zone types.

    3. Click Apply.

      The connectivity diagram changes according to your changes.

  4. To change a zone's name, do the following:
    1. Locate the desired zone in the table's Zone column.

    2. In this column, type a new name for the zone.

      In any future reports you generate for this matrix, the zone will be represented by the name entered.

    3. Click Apply.

      The connectivity diagram changes according to your changes.

  5. To view a list of IP addresses in a specific zone, in the table's Zone column, click on the zone's name.

    The IP addresses of X area displays a list of IP addresses in the selected zone.

  6. To edit the list of IP addresses included in a zone, do the following:
    1. Locate the desired zone in the table's Zone column.

    2. In the zone's row, click Edit.

      The Edit dialog box appears.

    3. To add an individual IP address, a range of IP addresses, or a host group that is defined on the device, in the Edit IP Addresses area, click Add.
    4. To remove an IP address from the list, select the IP address and click Remove.
    5. Click OK.
    6. Click OK.
  7. To edit a zone's connectivity, do the following:
    1. Locate the desired zone in the table's Zone column.

    2. In the zone's row, click .

      The Edit dialog box appears.

    3. Specify which devices this zone is connected to, by selecting the devices in the Firewalls pane in the Edit connectivity area, and clicking Add.
    4. To remove a device from the list of devices that the zone is connected to, select the device in the Connected to box, and click Remove.
    5. Click OK.

    6. Click OK.

      The connectivity diagram changes according to your changes.

  8. Once you are satisfied with the topology you set, click OK.

    The new topology will be the default setting of the matrix and all future reports will be analyzed according to this topology.

    A message appears recommending that you run a new analysis for changes to take effect.

  9. Click OK.

    To run an analysis, see Run a manual AFA analysis.