Guides
Secure Access Help Center

Manage Network and Service Objects

Cisco Secure Access supports managing and protecting connections on networks and services for end users. In Secure Access, you can add Network Objects for network resources (host, range of IP addresses, network) and Service Objects for service resources (port, protocol). Together with the private access rules in the Access policy, these resources enable you to efficiently define granular policy controls and secure the traffic on the resources (sources and destinations).

To create a set of resources, add the resources to a group that supports the resource type. For example, add Network Objects in Network Object Groups and Service Objects in Service Object Groups. You can also include groups in other groups that have the same group type, for example: include a Network Object Group in other Network Object Groups.

Once you add the Network and Service Objects or groups of these resources in Secure Access, you can select the objects on the private access rules in the Access policy. Using Network and Service objects and groups on access rules promotes reuse of the resources and simplifies the configuration and management of resources on access rules. For more information about the Access policy, see Manage the Access Policy.

Table of Contents

About Network Object Groups

  • A Network Object Group is a collection of Network Objects and other Network Object Groups. In Secure Access, you can add Network Objects to a Network Object Group. You can also select other Network Object Groups to add on a Network Object Group.
  • Network Objects and Network Object Groups are available on both the source and destination components of private access rules.

Note: A Network Object Group can include other Network Object Groups. From a Network Object Group, Secure Access supports three levels of nested groups. For more information, see Add Network Object Groups.

About Service Object Groups

  • A Service Object Group is a collection of Service Objects and other Service Object Groups. In Secure Access, you can add Service Objects to a Service Object Group. You can also select other Service Object Groups to add on a Service Object Group.
  • Service Objects and Service Object Groups are available only on destination components in private access rules.

Note: A Service Object Group can include other Service Object Groups. From a Service Object Group, Secure Access supports three levels of nested groups. For more information, see Add Service Object Groups.

Get Started with Network and Service Objects

Add the Network and Service Objects for the organization in Secure Access.

Allow SSH and RDP Access to Private Resources < Manage Network and Service Objects > Manage Network Objects

Updated 8 days ago