Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Creating a Topology Model

 

You can create one or more topology models.

The following table describes the test names and parameters that you can configure.

Table 1: Topology Tests

Test Name

Parameters

A rule is added to the selected devices that allows connections from source CIDRs to destination CIDRs on protocols, ports

Configure the following parameters:

devices— Specify the devices that you want to add to this rule. In the Customize Parameter window, select the All check box to include all devices or you can search devices by using one of the following search criteria:

IP/CIDR— Select the IP/CIDR option and specify the IP address or CIDR that you want to add this rule to.

Hostname— Select the Hostname option and specify the host name that you want to filter. To search for multiple host names, use a wildcard character (*) at the beginning or end of the string.

Adapter— Select the Adapter option and use the menu to filter the device list by adapter.

Vendor— Select the Vendor option and use the menu to filter the device list by vendor. You can also specify a model for the vendor. To search for multiple models, use a wildcard character (*) at the beginning or end of the string.

allows | denies— Select the condition (accept or denied) for connections that you want this test to apply.

CIDRs— Select any source IP addresses or CIDR ranges that you want to add to this rule.

CIDRs— Select any destination IP addresses or CIDR ranges that you want to add to this rule.

protocols— Specify the protocols that you want to add to this rule. To include all protocols, select the All check box.

ports— Specify the ports that you want to add to this rule. To include all ports, select the All check box.

A rule is added to the selected IPS devices that allows connections from source CIDRs to destination CIDRs with vulnerabilities

Configure the following parameters:

IPS devices— Specify the IPS devices that you want this topology model to include. To include all IPS devices, select the All check box.

allows | denies—Specify the condition (accept or denied) for connections that you want this test to apply.

CIDRs— Specify any source IP addresses or CIDR ranges that you want this topology model to include.

CIDRs— Specify any destination IP addresses or CIDR ranges that you want this topology model to include.

vulnerabilities— Specify the vulnerabilities that you want to apply to the topology model. You can search for vulnerabilities by using the Bugtraq ID, OSVDB ID, CVE ID, or title.

The following assets allow connections to the selected ports

Configure the following parameters:

Assets—Specify the assets that you want this topology model to include.

allow | deny—Specify the condition (allow or deny) for connections that you want this topology model to apply. The default is allow.

ports—Specify the ports that you want this topology model to include. To include all ports, select the All check box.

Assets in the following asset building blocks allow connections to ports

Configure the following parameters:

Assets building blocks— Specify the building blocks that you want this topology model to include.

allow | deny—Specify the condition (allow or deny) that you want this topology model to apply. The default is allow.

ports— Specify the ports that you want this topology model to include. To include all ports, select the All check box.

  1. Click the Risks tab.
  2. On the navigation menu, click Simulation >Topology Models
  3. From the Actions menu, select New.
  4. In the What do you want to name this model field, type a name for the model definition.
  5. In the Which modifications do you want to apply to your model pane, select the modifications that you want to apply to the topology to create your model.
  6. Configure the tests added to the Configure model as follows pane.
  7. When the test is displayed in the pane, the configurable parameters are underlined. Click each parameter to further configure this modification for your model. In the groups area, select the check box to assign groups to this question.
  8. Click Save Model.