| System | 485
Hosts and Services allows defining and managing system hosts and services.
This section covers the following topics:
•
IP Host
- The page displays the list of all dynamic and default hosts. The page also provides options to add a new
host, update the existing host, or delete a host.
•
IP Host Group
- Host Group is a grouping of hosts. Security Policies can be created for the individual host or host groups. This page displays the list of all the host groups. It also provides options to manage these host groups.
•
MAC Host
- Device allows creating a host based on MAC Address. One can create a MAC Host of either a single
MAC Address or multiple MAC Addresses. This page displays the list of all the available MAC host. The page also provides option to add a new MAC host, update the existing host, or delete a host.
•
FQDN Host
- This page displays the list of all the available FQDN host.
•
FQDN Host Group
- FQDN Host Group is a grouping of FQDN hosts. This page displays the list of all the
available FQDN host groups.
•
Country Group
- Country Group is a grouping of Countries. Multiple countries can be selected to block or allow incoming traffic by using Country Group. This page displays the list of all the available Country groups.
•
Services
- You can use services to determine the types of traffic allowed or denied by the firewall. This page
displays the list of all the default and custom services. It also provides options to manage services.
•
Service Group
- Service Group is a grouping of services. Custom and default services can be grouped in a single group. The page displays the list of all the default and custom groups.
IP Host
The IP Host page displays the list of all the dynamic hosts, default hosts and manually added hosts.
Hosts allow the entities to be defined once, which can be re-used in multiple referential instances throughout the configuration. For example, consider an internal Mail Server with an IP Address 192.168.1.15. Rather than repeated use of the IP Address while configuring Security Policies or NAT Policies, it allows to create a single entity Internal
Mail Server as a Host name with an IP Address 192.168.1.15. This host, Internal Mail Server can then be selected in any configuration that uses Host as a defining criterion.
By using host name instead of numerical address, you only need to make changes in a single location, rather than in each configuration where the IP Address appears.
Using Hosts, reduces the error of entering incorrect IP Addresses, makes it easier to change IP Addresses, and increases readability.
You can group multiple entities performing the same function within a single hostname.
The IP Host page displays the list of all the dynamic hosts which are automatically added on creation of VPN Remote access connections (IPsec and SSL) and the default hosts (IPv6 and IPv4) for remote access connection - ##ALL_RW,
##WWAN1, ##ALL_IPSEC_RW and ##ALL_SSLVPN_RW along the manually added hosts. The page also provides option to add a new host, update the existing host, or delete a host.
Note:
• System hosts cannot be updated or deleted.
• Dynamic hosts which are automatically added on creation of VPN Remote Access connections cannot be deleted.
• Default hosts (IPv6 and IPv4) for remote access connection - ##ALL_RW, ##WWAN1,
##ALL_IPSEC_RW and ##ALL_SSLVPN_RW cannot be updated or deleted.
Add IP Host
Add IP Host allows you to assign a hostname to a network, IP address, range or list.
1. Go to System > Hosts and Services > IP Host and click Add.
2. Enter the hostname.
3. Select the IP Family.
Available Options: