This article describes the objects that can be configured in the Source, Destination, and App/Category fields in rules for policies.
The following table describes the objects that you can use in the Source and Destination fields.
Item |
Description |
Screen Where Defined |
---|---|---|
Site |
Sites defined for the account |
Assets > Sites |
Host |
Hosts and servers defined in the sites |
Assets > Sites > Site Settings > Hosts |
Interface Subnet |
Subnets and network ranges defined for the LAN interfaces of a site |
Assets > Sites > Site Settings > Networks |
Global Range |
Native range for the LAN interface of a site |
Assets > Sites > Site Settings > Networks |
Network Interface |
Networks defined in the sites |
Assets > Sites > Site Settings > Networks |
Floating Subnet |
Global IP ranges that are not connected to a specific site, but can be learned from any site with a BGP neighbor |
Network > Floating Ranges |
SDP User |
Individual users defined for the account |
Access > VPN Users |
Group |
Groups in the account |
Assets > Groups |
System Group |
Predefined groups |
N/A |
User |
Users that are imported with Directory Services |
Access > Directory Services |
IP |
Enter the IP address with the CIDR that is applied to this rule |
N/A |
IP Range |
For the Source of a rule, enter the multiple separate IP addresses or IP range that is applied to this rule (in one of the following formats):
|
N/A |
Any |
Any source or destination |
N/A |
The following table describes the objects that you can use in the App/Category field.
Item |
Description |
Where Configured |
---|---|---|
Application |
Default applications defined by Cato |
Default values, cannot be configured |
Custom Application |
Custom applications defined for the account |
Assets > Custom Apps |
Application Category |
Default categories defined by Cato |
Default values, cannot be configured |
Custom Category |
Custom categories defined for the account |
Assets > Categories |
FQDN |
FQDN is an exact match of the fully qualified domain (for example, the FQDN example.com only matches example.com) |
Setting for this rule |
Domain |
A Domain is a Second-Level Domain (SLD) and matches all subdomains. For example, the Domain example.com matches example.com, host.example.com, and subhost.host.example.com |
Setting for this rule |
IP Range |
Enter the IP addresses with the CIDR for the apps that are applied to this rule |
Setting for this rule |
Any |
Any web content, application, or category |
Default values, cannot be configured |
0 comments
Please sign in to leave a comment.