Creating network identifiers

Network IDs make it possible to define the network resources that you want to protect: IP addresses, ports, IP address ranges, or port ranges.

Network IDs are necessary when you create network rules, and must be created beforehand.

Since IDs are specific to each rule set, you must create IDs in each set. You can however export all the IDs of a rule set to import and use them in another set. For more information, refer to the section Importing and exporting identifiers.Importing and exporting identifiers

For more information, refer to the section Controlling network access.

  1. Select a policy in Security > Policies, then select a set of rules.
  2. Click on the Identifiers tab at the top right, then on the Network IDs tab.
  3. Click on Add an ID.
    A blank ID appears.
  4. Click on Edit at the bottom right side of the entry.
  5. In the field New network ID, enter an ID name, then a description if needed.
  6. If you want the network ID to include all IP addresses EXCEPT the ones specified, enable the option Invert identifier scope.
  7. The ID includes all IPv4 and IPv6 addresses by default. To specify certain addresses in particular, click on No addresses added and manually enter the values in the text field that appears. You can also add a description if necessary.
    • To add several addresses at one go, separate them with commas in the text field and press Enter. Example: 192.168.128.254,192.168.95.15.
    • To add an address range, separate the first value and last value with a dash and press Enter. Example: 192.168.131.0-192.168.131.100.
  8. Click on Finish changes.
  9. If you have finished creating application identifiers, click on Save in the upper banner.