Large number of events involving IP address conflicts and unauthorized interactions during normal operation of devices

Problem

The application is registering a large number of events involving the detection of IP address conflicts and unauthorized network interactions during normal operation of devices in the industrial network. Moreover, event enrollment is not being affected by the duration of the preliminary operation of technologies and methods of the application in learning mode.

Solution

Registered events may be related to the fact that the router indicator is not set for devices that are performing the functions of a network switch between industrial network segments

To exclude event enrollment for false positives alerting IP address conflicts and unauthorized interactions:

1. In the device table, search for routers based on their MAC addresses and configure the settings for each device. To ensure normal operation of the application with these devices, you must do the following when editing the device information:
   1. Set the Router indicator.
   2. Delete the IP addresses specified for the device.
   3. Check the device name and change it to the correct name if necessary.
2. In the events table, look for unauthorized network interaction events that were erroneously registered. To disable their future registration, create allow rules for events.

Page top