Manage Firewall Address Objects
- An address object is reference to a set of IP addresses in a specific organization / device. These objects ca be used in firewall rules.
- An object is specific to an organization or firewall device.
- Address objects added to an organization will be available for that organization's 'Source' and 'Destination' IP address drop down, which includes all devices assigned to that organization.
- Address objects added for an individual device will be available only for that specific device's 'Source' and 'Destination' IP address drop down.
- You can also create firewall object groups to create rules for larger networks.
- You can create a wide range of rules for each firewall device.
- Note - Existing FW address objects will not be imported with the device. We recommend you remove these from the device before importing then configure them again from central manager.
To create and manage firewall address objects
- Click 'Firewall' > 'Firewall Addresses' on the left hand menu
- Select the organization to which the firewall device belongs, or the name of firewall device
- Select an organization object to manage addresses for all devices in the organization
- Select an individual object under an organization to manage addresses for a single device
The 'Firewall Addresses' interface lists all firewall address objects added to Comodo Dome Firewall Central Manager. The objects can be added to specific devices or all devices that belong to a particular organization. The interface lets admins view, create and manage address objects.
Firewall Address List Table - Column Descriptions |
|
---|---|
Column |
Description |
Name |
Label of the firewall address object. The object name will become available for selection in the 'source' and 'destination' address fields when creating a 'Firewall Policy'. |
Comment |
A short description of the object. |
Type |
Category of address. Can be IP address, IP address range, Subnet. |
Addresss |
IP addresse(s) the host computer(s) contained in the object. |
Actions |
Displays control for managing the object. - Opens the 'Edit' interface so you can modify the parameters of the object. The edit interface is similar to the 'Add Object' interface - Removes the object. Note: Objects which are currently referenced in a firewall rule or in a group cannot be removed. To delete an object, you must first remove it from all rules or groups in which it is included. |
- Click 'Firewall' > 'Firewall Addresses' on the left
- Select the organization/device from the drop-down in the title bar
- Select an organization to manage FW address objects for all devices in that organization
- Select an individual device under an organization to manage FW address objects for a single device
- Click 'Add an address' at the top-left
- The 'Add Object' dialog will open:
- Enter the parameters for the new object as shown below:
- Name - Specify a label for the object (15 characters max) representing the host(s) included in the object.
- Comment - Enter a short description of the object.
- Type - Select the type by which the hosts are to be referred in the object. The available options are:
- Subnet - Select this if a sub network of computers is to be covered by the object and enter the sub network address
- IP address - Select this if a single host is to be covered by the object and enter the IP address of the host
- IP range - Select this if more than one host is to be covered by the object and enter the IP address range of the hosts
- Click 'Save'. The new address will be added to
the list.
The object will be available for selection as a source or destination when creating a firewall rule. You can search for the object by typing the first few letters of the object name.