Learn how to create a prefix list on Cloud NGFW for Azure.
Where Can I Use This? | What Do I Need? |
|
- Cloud NGFW subscription
- Palo Alto Networks Customer Support Portal account
- Azure Marketplace subscription
|
A security rule object is a single object or collective unit that groups discrete
identities such as IP addresses, fully-qualified domain names (FQDN), intelligent
feeds, or certificates. Typically, when creating a policy object, you group objects
that require similar permissions in policy. For example, if your organization uses a
set of server IP addresses for authenticating users, you can group the set of server
IP addresses as a prefix list object and reference that prefix list in one or more
security rule. Group object allows you to significantly reduce the administrative
overhead in creating rules.
A prefix list allows you to group specific IP addresses that require the same policy
enforcement. A prefix list can contain one or more IP addresses or IP netmask in
CIDR notation. An address object of type IP Netmask requires you to enter the IP
address or network using slash notation to indicate the IPv4 network. For example,
192.168.18.0/24.
To configure a prefix list, familiarize
yourself with how
rulestacks
work.