You can set up zones so you can distinguish between sites with overlapping IP address space. A zone identifies the an interface used to communicate with devices within a zone, for example by its VPN or gateway. You can then assign devices to their appropriate zone, which means Entuity can then distinguish between devices with the same management IP address.
When using zones, you must ensure every device on your network is assigned to a zone.
Controlling access to devices by zones
When you have configured zones, Entuity segregates data storage, data processing and network communication by zone. This applies to devices as well as components such as VLANs, MACs, IP addresses, STP, CDP and LLDP.
Discovery of topology links is also constrained by zones - Entuity does not discover links between devices in different zones. However, you can create inter-zone connections by manually adding links.
Event management system and zones
The event management system only has one live EMS project, which covers all zones. You can configure zone awareness within the EMS project by setting up actions that test for the zone of a device or port before determining the action to take.
You can also restrict non-administrators to only those Views and permissions that are zone-specific, and which apply to them. Administrators of an Entuity server always have access to all zones.
Zones, syslog and traps
Entuity zones support IPv4 and IPv6 traps. sysLogger is also zone aware.
Entuity uses the IP address of the local interface, on which traps and syslogs messages are received, to search for the appropriate zone.
The zone's configured IP addresses are searched to try to match the source IP address with a device, but not with device IP adresses from other zones:
- When receiving syslogs and traps, Entuity will first use the zone the message came in on.
- If that fails, Entuity will attempt to identify the device.
- If that fails, Entuity will raise an event against the IP address and not the device.