Anonymizing IP addresses

IP Anonymization is a site-level customization that changes the way Signal Sciences stores and uses remote client IP addresses. By default IP addresses are not anonymized. When a customer chooses to enable IP Anonymization, agents for a specific site will anonymize an IP address before sending it to the cloud. Signal Sciences will convert IP addresses into anonymized IPv6 addresses by performing a one-way hash. As a result, Signal Sciences databases will not have knowledge of the actual IP address and it will appear anonymized throughout the console.

Actual IP addresses are converted to anonymous IPv6 addresses using rfc7343.

The IP address is anonymized in all headers and data fields with the anonymized IPv6 address. In addition, the actual IP address is truncated by setting the last octet of an IPv4 IP address and the last 80 bits of an IPv6 address to zeros and stored as metadata on the record.

Limitations and considerations

The following features will not work when IP Anonymization is enabled:

  • DNS lookups
  • CIDR support in the search console
  • Network Data Insights (partial functionality)

Enabling IP anonymization

To enable IP anonymization, complete the following steps:

  1. Log in to the Signal Sciences console.
  2. From the corp navigation bar, use the Sites menu to select a site.
  3. From the Manage menu, select Site Settings. The Site Settings menu page appears.
  4. Click the Agent Configurations tab. The Agent Configurations form appears.
  5. Under IP Anonymization, select Enabled. A warning appears stating some functionality will not work with IP Anonymization enabled.
  6. Click the I understand button.
  7. Click the Update button.
Was this guide helpful?

Do not use this form to send sensitive information. If you need assistance, contact support. This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.