Network Segments

We define a network segment as a logical grouping of interfaces, routes, and addresses as part of a zone, used to create a network map. Network segments are assigned to zones. You can then assign device interfaces to network segments, and create routes or addresses on them, to build your network map.

The addresses associated with a network segment are used in two primary ways.

  • APA uses them to decide whether a packet should stop in that segment. If the destination matches those addresses, the packet stops there; otherwise, APA inspects neighboring devices to see if they handle the traffic.

  • Compliance Zones use them with SIQL and some of the language's functions (routes, intersectsZone). These are usually defined in certain controls.

Having a network segment without an interface will impact any SIQL-oriented compliance controls and assessments.
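
The stop-or-forward decision from the first bullet, together with a check for segments that have no interface, as an added example (not FireMon code or the product's actual algorithm). The segment names, addresses, "device:interface" labels, and the breadth-first walk are all constructed assumptions for this simplified model.

```python
import ipaddress
from collections import deque

# Constructed network map (assumption): segment -> addresses and device interfaces.
SEGMENTS = {
    "dmz":    {"addresses": ["192.0.2.0/24"],  "interfaces": ["fw1:eth1"]},
    "app":    {"addresses": ["10.10.0.0/16"],  "interfaces": ["fw1:eth2", "fw2:eth0"]},
    "db":     {"addresses": ["10.20.0.0/24"],  "interfaces": ["fw2:eth1"]},
    "orphan": {"addresses": ["172.16.5.0/24"], "interfaces": []},
}

def devices_in(name):
    """Devices that have at least one interface assigned to the segment."""
    return {iface.split(":")[0] for iface in SEGMENTS[name]["interfaces"]}

def segment_matches(name, dest):
    """True if the destination falls inside the segment's addresses."""
    ip = ipaddress.ip_address(dest)
    return any(ip in ipaddress.ip_network(net) for net in SEGMENTS[name]["addresses"])

def neighbors(name):
    """Segments that share a device with `name` (the 'neighboring devices' step)."""
    mine = devices_in(name)
    return sorted(o for o in SEGMENTS if o != name and mine & devices_in(o))

def trace(start, dest):
    """Segment path to where the packet stops, or None if no segment handles it."""
    queue, seen = deque([[start]]), {start}
    while queue:
        path = queue.popleft()
        if segment_matches(path[-1], dest):   # destination matches: stop here
            return path
        for nxt in neighbors(path[-1]):       # otherwise look through neighbors
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def segments_without_interfaces():
    """Segments to review: no interface is assigned to them."""
    return sorted(n for n, s in SEGMENTS.items() if not s["interfaces"])

if __name__ == "__main__":
    print(trace("dmz", "10.20.0.7"))       # path through fw1 and fw2
    print(trace("dmz", "172.16.5.4"))      # orphan segment is never reached
    print(segments_without_interfaces())
```

In this model a segment with no interface is never reached from any other segment, even though its addresses match the destination.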

The application server, database server, and plugin processor server must all be on the same network segment.

Open the Network Segments Page

To open the Network Segments page, on the toolbar, click FireMon Objects > Network Segments.

Network Segments List

The following table defines the values in the Network Segments table. The list is ordered ascending by Name, but can also be sorted by Description.

Network Segments List

| Value | Description |
| --- | --- |
| Name | The name of the network segment. Auto-generated network segments derive their name from the device IP. |
| Description | A description of the segment. |
| Compliance Zone | The compliance zone assigned to the network segment. |
| | Action menu with options for tasks to complete at the network segment level. |