Managing Groups

This article explains how to manage groups used in your account.

Overview of Groups

You can create new groups and leverage them (in addition to the pre-defined groups) as global objects across the Cato Management Application in security and network rules, DNS servers and suffixes, and more.

Define the items in the Cato Management Application that are members of the group. You can also define special configurations for groups relating to DNS and DHCP Options.

Groups.png

The Cato Management Application supports several group types (as indicated in the Groups list):

  • Manual: Groups that you manually define. Group members can include various network entities (such as Sites, Networks, Floating Ranges and Hosts).

  • System: Groups that are pre-defined in the Cato Management Application. These are dynamic groups that are automatically updated with new members when the appropriate items are added. For example, when a new site is added to your account, the All Sites system group is automatically updated with the new site. If this group is used in a security rule, the rule will also apply to the new site.

    System groups include:

    • All Sites: A group that includes all sites

    • All Shared Hosts: Users that Cato Socket cannot identify due to their use of shared hosts

    • All Floating Ranges: A group that includes all floating ranges defined in the system

Showing Groups and Group Members

To show the members of a group:

  1. In the navigation menu, click Assets > Groups and select the group.

  2. In the navigation menu, click Members. The group members are displayed.

Adding Groups

You can you define groups and their members. These are the behavior for System groups:

  • Definitions in the General pane are defined by the Cato Management Application and can't be modified.

  • For System groups, definitions in the Members pane are defined by the Cato Management Application and can't be modified.

To add a group and define its members:

  1. In the navigation menu, click Assets > Groups.

  2. Click New. The Create panel opens.

  3. Enter the group Name and click Apply. The group is added to the screen.

  4. Click the group. The General screen for the group opens.

  5. (Optional) Enter a Description.

  6. Add the items that are the members of this group:

    1. In the navigation menu, click Members. The group members are displayed.

    2. From the Add Members drop-down menu, select the type of member to add (for example, Site, Network Interface, or Host).

      • Network Interface - All traffic on the interface (all networks)

      • Interface Subnet - VLAN, routed, or direct ranges, or a secondary AWS vSocket native range

      • Global Range - Native range on the interface

      Cato recommends that each group contain only one type of member. For example, a group of all of your network interfaces.

    3. Select all the items for that type that you are including in the group.

      The selected members are added to the Members list.

  7. Click Save.

    The group is saved and added to the Cato Management Application.

Deleting Groups

To remove groups other than User groups, you must first remove it from anywhere it is used in other screens and rules in the Cato Management Application. For example, if you don't remove the group from security and network rules, then you can't delete the group.

User groups can be deleted if they are included in a policy. For more information, see Working with User and System Groups.

Note

Note: You cannot undo a deletion.

To delete a group:

  1. In the navigation menu, click Assets > Groups.

  2. Click Delete.png (Delete) next to the group you wish to delete.

    A confirmation window opens.

  3. Click Delete.

    The group is deleted.

Was this article helpful?

0 out of 3 found this helpful

2 comments

  • Comment author
    Dana DeVol

    Neither this article nor any searches of the knowledge base describe how to add a user to a group in the new console interface.

  • Comment author
    Yaakov Simon

    Dana,

    Step 6 in the procedure above explains how to use the Members screen in a group to add users.

    I added a screenshot to help clarify.

    Thanks for your comment,

    Yaakov

Add your comment