How do I configure source and destination IP groups?

Creating Source IP Groups

Grouping source IP addresses facilitates referencing them in firewall policies.

To create a source IP address group for firewall policies:

  1. Go to Administration > Resources > IP Groups.
  2. In the Source IP Groups tab, click Add.
  3. Enter a Name for the source IP address group. For example, Social Media.
  4. Enter any number of IP addresses. You can enter:
    • An IP address (for example, 198.51.100.100)
    • A range of IP addresses (for example, 192.0.2.1-192.0.2.10)
    • An IP address with a netmask (for example, 203.0.113.0/24)
      Hit Enter after each entry. Then click Add Items.
  5. Optionally, enter additional notes or information. The description cannot exceed 10,240 characters.
  6. Click Save and activate the change.

Creating Destination IP Groups

You can group together destinations that you want to control in a firewall rule by specifying IP addresses, countries where servers are located, and URL categories.

To create a destination IP address group for the firewall policies:

  1. Go to Administration > Resources > IP Groups.
  2. In the Destination IP Groups tab, click Add and do the following:
  • Name: Enter a name for the destination IP address group.
  • Type: Select one of the following (note, FQDN is available with an advanced firewall subscription).
    • IP Address: You can add IP addresses in any of the following formats:
      • An individual IP address, such as 192.0.2.1.
      • A subnet, such as 192.0.2.0/24.
      • An IP address range, such as 192.0.2.1 - 192.0.2.5
    • FQDN: If you have the advanced firewall subscription, you can also add FQDNs for applications with multiple IP addresses or with IP addresses that frequently change.

       To add multiple entries, hit Enter after each entry. Then click Add Items.

  • Countries: To identify destinations based on the location of a server, select Any to include all countries in the group or select specific countries.
  • Categories: To identify destinations based on the URL category of the domain, select any number of categories to include to the group.
  • Description: Optionally, enter additional notes or information. The description cannot exceed 10,240 characters.
  1. Click Save and activate the change.