Cloud Managed

Create Dynamic Address Groups.
View the tutorial to see a big picture view of the feature.
Select
Manage
NGFW and
Prisma Access
Objects
Address
Address Groups
.
Select
Add Address Group
and enter a
Name
and a
Description
for the address group.
Select
Type
as
Dynamic
.
Define the match criteria. You can select dynamic and static tags as the match criteria to populate the members of the group. Click
Add Match Criteria
, and select the
And
or
Or
operator and select the attributes that you would like to filter for or match against, then select
Save
. Negation isn’t supported.
Click
Commit
.
Use Dynamic Address Groups in policy.
View the tutorial.
Select
Manage
NGFW and
Prisma Access
Security Services
Security Policy
.
Select
Add Rule
and enter a
Name
and a
Description
for the policy.
Add the
Source Zone
to specify the zone from which the traffic originates.
Add the
Destination Zone
at which the traffic is terminating.
For the
Destination Address
, select the Dynamic Address Group you just created.
Specify the action—
Allow
or
Deny
—for the traffic, and optionally attach the default security profiles to the rule.
Repeats steps 1 through 6 to create another security rule.
Select
Push Config
.