Manage Firewall Object Groups
- Firewall object groups consist of one or more IP address objects. Object groups can be created for organizations or devices.
- Administrators can reference object groups when creating and managing firewall rules.
- Object groups can be edited to change member objects. The change will be applied to all firewall rules which include the object group.
- Similar to address objects, object groups are specific to an organization or device.
- Address objects added for an individual device will be available only for that device's 'Source' and 'Destination' IP address drop down.
- Note - Existing FW group objects will not be imported with the device. We recommend you remove these from the device before importing then configure them again from central manager.
To create and manage firewall objects groups
- Click 'Firewall' > 'Firewall Groups' in the left-hand menu
- Select the organization/device on the top left of the interface
- Select an organization to manage group objects for all devices in the organization
- Select an individual device under an organization to manage group objects for a single device
The 'Firewall
Groups' list shows object groups added to specific devices /
organization. The
interface allows you to view, create and manage objects groups.
Groups in this list will be available when creating/managing new
firewall policy.
Firewall Group List Table - Column Descriptions |
|
---|---|
Column |
Description |
Name |
Label for the firewall group. The group name will become available for selection in the 'source' and 'destination' address fields when creating a 'Firewall Policy'. |
Comment |
A short description of the object |
Address |
IP address(es) of host computer(s) contained in the object. |
Actions |
Controls for managing the group. - Modify object settings. The Edit interface is similar to 'Add Group' interface. - Removes the object. Note: Objects which are currently referenced in a firewall rule or in a group cannot be removed. To delete an group, you must first remove it from all rules or groups in which it is included. |
To
create a new group
- Click 'Firewall' > 'Firewall Groups' in the left-hand navigation
- Select the organization/device on the drop-down of the interface
- Click 'Add a Group' at the top-left. The 'Add Group' dialog will open:
- Enter the parameters for the new object as shown below:
- Name - Specify a label for the group (15 characters max)
- Comment - Enter a short description of the group.
- Address - Select the address objects that should be included in the group.
- Click 'Save'. The new group will be added to
the list.