Security zones

Security zone configurations in AppViz define the zones used to group objects in application diagrams.

By default, AppViz uses system zones (as defined below). When custom risk profile spreadsheets exist in AFA, AppViz additionally uses the zone definitions in the first profile in the alphabetically ordered list.

In this topic:

Define security zones

  1. In the toolbar, click your username.

    A drop-down list appears.

  2. In the drop-down list, select Administration.
  3. Click the Customization tab.

  4. In the Security Zones area, do one or both of the following:

    Select a custom risk profile spreadsheet in the drop-down menu.

    Application diagrams will define zones according to the definitions in the spreadsheet. All spreadsheets defined in AFA appear.

    Select / deselect the Show System Zones check box.

    Application diagrams will define zones according system zones, including PCI, internal, and external.

    • The PCI zone will appear according to its definition in AFA. For more details, see Customize the regulatory compliance report.
    • The private (internal) zone is defined as 10.0.0.0/8, 172.16.0.0/12, and 92.168.0.0/16 by default. To edit the private zone, see Configure the Internal zone.
    • The external zone is defined as all IP addresses not included in another zone.

    Back to top

    Configure the Internal zone

    By default, AppViz defines the Internal / Private zone as 10.0.0.0/8, 172.16.0.0/12, and 92.168.0.0/16. If desired, you can customize this.

    To configure the Internal zone

    1. Open a terminal and log in using the username "bflow" and the related password.
    2. Open /home/bflow/config/user.properties.
    3. On a new line, add the configuration item security_zones.default_internal_network_ranges.
    4. Set the value to a semi-colon delimited list of networks in CIDR format

      For example, the following sets the internal zone to 172.16.0.0/12 and 92.168.0.0/16:

      security_zones.default_internal_network_ranges=172.16.0.0/ 12;192.168.0.0/16

    5. Save the file.
    6. Restart AppViz.

  5. Back to top