Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Maarten_Sjouw
Champion
Champion
Jump to solution

Dynamic Global Objects no longer supported?

Gents, We are setting up a R80.10 MDS, in R77.30 we are using dynamic global objects to be able to use an per domain editable group, in the global rules.

While you create an dynamic object with a name ending in _global in the global object list, in the domain you create a group with the exact same name and in there you ie put all GW objects for that domain. This way you create management and other rule in the Global rulebase that you do not need to repeat over the amount of domains you have, 150+ in our case.

When I try to use this in R80.10 it complains the object already exists....

Last time I asked I was told this would return in R80.10, but that was a while back, is it indeed still not there or is it just changed?

Regards, Maarten
1 Solution

Accepted Solutions
Tomer_Sole
Mentor
Mentor

Hi,

Dynamic Global Objects are supported with R80.10. User experienced is changed.

Instead of solely relying on the _global suffix, there is a new network object of type "Dynamic Global Network Object".

R7x:

1. Login to Global Domain

2. Create a dynamic object with name that ends with _global, save.

3. Login to the Domain

4. Create a network object with the same name, save.

5. Assign (or re-assign) global policy.

R80.10 and above:

1. Login to Global Domain

2. Create a Dynamic Global Network Object. Name must end with _global, and if not, you will not be able to OK the dialog (or complete the API call). Publish.

3. Login to the Domain

4. Create a network object with the same name. Publish.

5. Assign (or re-assign) global policy.

During upgrade, your Dynamic Objects with the _global suffix which existed in the Global Domain will be converted automatically.

View solution in original post

0 Kudos
5 Replies
Tomer_Sole
Mentor
Mentor

Hi,

Dynamic Global Objects are supported with R80.10. User experienced is changed.

Instead of solely relying on the _global suffix, there is a new network object of type "Dynamic Global Network Object".

R7x:

1. Login to Global Domain

2. Create a dynamic object with name that ends with _global, save.

3. Login to the Domain

4. Create a network object with the same name, save.

5. Assign (or re-assign) global policy.

R80.10 and above:

1. Login to Global Domain

2. Create a Dynamic Global Network Object. Name must end with _global, and if not, you will not be able to OK the dialog (or complete the API call). Publish.

3. Login to the Domain

4. Create a network object with the same name. Publish.

5. Assign (or re-assign) global policy.

During upgrade, your Dynamic Objects with the _global suffix which existed in the Global Domain will be converted automatically.

0 Kudos
Maarten_Sjouw
Champion
Champion

Thanks Tomer, that did the trick.

Regards, Maarten
0 Kudos
Christian_Peter
Employee Alumnus
Employee Alumnus

Great reply!

Do you by any chance know if objects used for communicating with public and private clouds, can be defined as Global objects?
I can create a Datacenter Server object and connect to e.g. Azure, but can I define such an object as a Global object and use this within all domains? 

0 Kudos
Christian_Peter
Employee Alumnus
Employee Alumnus

Never mind! Smiley Happy
I found the answer in the Know Limitations for R80.20

R80.20 CloudGuard Controller Known Limitations 

01970321 CloudGuard Objects (Data Center Servers and Data Center Objects) are not supported in Global Domain.
0 Kudos
mikesleath
Participant

Hi,

Do you have an example of the API call to create these object types - we make heavy use of them and the ability to create via the API is a requirement. Previously they were created using dbedit.

Thanks.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events