TMS zl Management and Configuration Guide ST.1.2.100916
4-9
Firewall
Named Objects
A named object is a logical “container” that gives a single name to one or
more addresses, services, or schedules. You refer to that name in firewall
access policies, NAT policies, and port triggers. The advantage of using
named objects is that you create the object once; if its parameters later
change, you edit the object rather than changing the parameters in each
policy.
For example, suppose that you create an address object called web_servers
that corresponds to a group of Web servers with the IP addresses 192.168.1.55
through 192.168.1.59. When the company adds three more Web servers, and
the IP address range increases to 192.168.1.55 through 192.168.1.62, you can
edit the web_servers object to include the three new IP addresses.
The change is then propagated throughout the entire set of firewall access
policies, NAT policies, and port triggers that include the web_servers address
object, thereby saving you the trouble of manually adding the Web servers’ IP
addresses to every policy.
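Because one edit reaches every policy that names the object, it is worth previewing what the edit touches before making it. The following is an added example, not TMS zl configuration syntax or code from this guide: a small Python model of the web_servers scenario, in which the rule names and the dictionary layout are assumptions made for illustration.

```python
from ipaddress import IPv4Address

def expand(first, last):
    """Return the set of addresses in an inclusive range."""
    lo, hi = int(IPv4Address(first)), int(IPv4Address(last))
    return {IPv4Address(n) for n in range(lo, hi + 1)}

# Constructed model: address objects by name, and rules that refer to them by name only.
objects = {"web_servers": expand("192.168.1.55", "192.168.1.59")}
rules = [  # hypothetical rule names and fields
    {"name": "access-allow-http", "kind": "access policy", "dst": "web_servers"},
    {"name": "nat-publish-web", "kind": "NAT policy", "dst": "web_servers"},
    {"name": "access-allow-dns", "kind": "access policy", "dst": "dns_servers"},
]

def matches(rule, addr):
    """A rule resolves its object when evaluated, so an edit applies to it at once."""
    return IPv4Address(addr) in objects.get(rule["dst"], set())

def edit_impact(name, first, last):
    """Preview an edit: which rules reference the object, and what is added or removed."""
    new = expand(first, last)
    old = objects.get(name, set())
    return {
        "rules": [r["name"] for r in rules if r["dst"] == name],
        "added": sorted(new - old),
        "removed": sorted(old - new),
    }

def apply_edit(name, first, last):
    """Replace the object's range; no rule is modified."""
    objects[name] = expand(first, last)

if __name__ == "__main__":
    impact = edit_impact("web_servers", "192.168.1.55", "192.168.1.62")
    print("rules affected:", impact["rules"])
    print("addresses added:", [str(a) for a in impact["added"]])
    print("before edit, .60 matched:", matches(rules[0], "192.168.1.60"))
    apply_edit("web_servers", "192.168.1.55", "192.168.1.62")
    print("after edit, .60 matched:", matches(rules[0], "192.168.1.60"))
```

The preview lists both the access policy and the NAT policy, which is the point to check during change review: widening the range also widens every rule that references the object.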
There are five types of named objects:
■ Address objects
See “Address Objects” on page 4-10.
■ Address groups
See “Address Groups” on page 4-13.
■ Service objects
See “Service Objects” on page 4-15.
■ Service groups
See “Service Groups” on page 4-19.
■ Schedule objects
See “Schedule Objects” on page 4-20.
Table 4-1 summarizes where you can use each type of named object.