Add Network Object Groups
In Cisco Secure Access, a Network Object Group is a reusable collection of Network Objects and other Network Object Groups. You can add Network Object Groups in Secure Access and select Network Objects or other Network Object Groups to include in the group.
After you add a Network Object Group in Secure Access, the resources in the group are available for you to select for source and destination components on private access rules. You can use this group in other Network Object Groups and on any private access rules in the organization's Access policy. For more information about reusable source and destination components, see Components for Private Access Rules.
Table of Contents
Prerequisites
- Full Admin user role. For more information, see Manage Accounts.
Guidelines for Adding Network Object Groups in Secure Access
- A Network Object Group must have a unique name within the scope of all Network Object Groups in the organization.
- A Network Object Group can include Network Objects and other Network Object Groups. Secure Access supports three levels of nested groups.
Example of Network Object Group Hierarchies
network_object_group_one
|-network_object_group_two
|-network_object_group_three
Circular Dependencies in Object Groups
Important: Secure Access does not support circular dependencies of groups in Network Object Groups. For example, if you have a Network Object Group with this object hierarchy:
Network Object Group A —> Network Object Group B, Network Object Group C
- Network Object Group B can not have Network Object Group A in its group.
- Network Object Group C can not have Network Object Group A in its group.
Procedure
Add a Network Object Group. When you add a Network Object Group, select Network Objects to add to the group or create new Network Objects. You can also select other Network Object Groups to add to the group.
-
Navigate to Resources > Network and Service Objects.
-
Click on the Network Object Groups tab, navigate to Network Object Groups, and then click Add Group.
-
Navigate to General.
a. For Name, enter a name for the Network Object Group. Secure Access supports a sequence of 1–255 alphanumeric, space, hyphen, and underscore characters.
Note: Enter a valid name for the Network Object Group that is unique for all Network Object Groups in the organization.b. For Description, enter text that describes the Network Object Group.
-
Navigate to Group Values.
-
For Select objects or groups, choose either Select Object or + Create Object.
a. For Select Sources, choose from the lists of configured Network Objects and Network Object Groups.
b. for + Create Object, follow the steps to add a Network Object. For more information, see Add Network Objects.
- Click Add network group.
View Network Object Groups
View the Network Object Groups that you added to the organization in Secure Access.
-
Navigate to Resources > Network and Service Objects.
-
Click on the Network Object Groups tab, and then navigate to Network Object Groups.
Secure Access displays the properties for the Network Object Groups in the organization.
-
Navigate to a Network Object Group to view the details about the group.
- Name—The name of the Network Object Group.
- Includes—The list of the references to the objects in the Network Object Group.
- Included in—The list of groups that include the Network Object Group.
- Access rules—The list of rules that have the Network Object Group selected on the rules.
Search on Name for Network Object Groups
Search for the Network Object Groups in the organization.
-
On the Network Object Groups tab, navigate to Network Object Groups.
-
In the search bar, enter a sequence of characters to query for the name of the Network Object Groups.
Manage Network Object Groups < Add Network Object Groups > Edit a Network Object Group
Updated 12 days ago