Create a Post
dgoldhar
Employee Alumnus
Employee Alumnus

CloudGuard Dome9 now supports Managed Lists

You can now create and manage generic named lists in  CloudGuard Dome9. Once created, you can then refer to them in GSL rule statements, instead of using the full itemized list.

This augments the existing capability to create IP lists, which can be used to create Security Group rules.

Using this new capability, you can define, for example, a list of instances, or instance types, ports, regions, and more, and then use them in GSL rule statements.

Advantages

  • Use the same list in many different rules

  • Change the list in one place, and it affects all the rules that use it

Use Cases

  • In GSL rules
    Create a list of entities, and refer to the list (by name) in a GSL rule statement, instead of including the entire list in the rule.
    Example:
    ... VirtualMachine where operatingSystem in($AzureOSTypes) ...
    this refers to a list, $AzureOSTypes.

  • In Security Group rules
    Create list of IP addresses or ranges, and refer to them in Security Group rules. The same list can be used in many rules (for example a list of public IP addresses).

Lists-SG.png

0 Replies