Athena NGFW (Next-Generation Firewall)

Athena NGFW (previously known as Network Secure) provides comprehensive protection for every network perimeter, ensuring the safety of your valuable assets, data, and users from emerging threats.
{{ $t('productDocDetail.guideClickSwitch') }}
{{ $t('productDocDetail.know') }}
{{ $t('productDocDetail.dontRemind') }}
8.0.107
Athena NGFW (Next-Generation Firewall) {{ breadTitle }} User Manual Objects Network Objects
{{sendMatomoQuery("Athena NGFW (Next-Generation Firewall)","Network Objects")}}

Network Objects

{{ $t('productDocDetail.updateTime') }}: 2026-02-05

To define IP address sets, which can be LAN IP addresses, an IP range, or all IP addresses in the public network. These sets can form a new set, namely the IP address group. Network objects properly defined provide calls such as application control policy. The objects can be imported or exported to perform quick configuration, as shown below.

Click Add to add network objects according to the address or address group. There are three types of addresses: IP Address, Business Asset Address, and User IP Address. See the figure below.

Name: Fill in the corresponding name.

Description: Enter description information.

Address Group: (Optional) The group to be joined by the IP address.

Protocol: Select IPv4 or IPv6.

IP Address: Enter the IP address.

DNS Lookup: To resolve the relationship between the domain name and the IP address, after which the corresponding IP address will be entered into the IP address box.

The DNS lookup function works through the device. Therefore, the device must be able to access the Internet and configure a valid DNS address to resolve the domain name.

In the figure below, the Business Asset Address is selected.

Criticality: Mark the criticality of a business asset to prioritize or manage its security issue.

In the figure below, the User IP Address is selected.

Criticality: There are Noncritical and Critical users. You can select either of them as required.

On the Network Objects tab, click Add and select Domain Name. See the figure below.

Protocol: Select IPv4 or IPv6.

Detection Method: When Active Detection is selected, the device initiates a DNS resolution request to obtain the IP address of the domain name. When Passive Listening is selected, the device analyzes the DNS packets passing through it to obtain the IP address of the domain name.

On the Network Objects tab, click Add and select Address Group. See the figure below.

 

Protocol: IP groups in an address group must be of the same IP type (IPv4 or IPv6).

Select IP address or IP address group: Select the IP address or IP address group to be contained in the address group as required.

To add a MAC address, click Add and select MAC Address Group. The Add MAC Address dialog box appears, as shown in the following figure.

Name: Specify the object name of the MAC address.

MAC Address: Enter the MAC address.[sa17]

Server Discovery

Discovered server information will be displayed on this tab, including open ports and page numbers of sensitive data. See the figure below.

Add To: Select business assets to be added.

Ignore: Ignore the server information that is discovered.

Ignored Servers: View ignored servers.

Advanced: Whether to enable server discovery and whether to discover data business.