Network Security
Add a Region (Strata Cloud Manager)
Table of Contents
Expand All
|
Collapse All
Network Security Docs
Add a Region (Strata Cloud Manager)
Define regions to apply policy to specified countries or locations. Applying policy
based on region is a great way to control traffic between branch offices.
Regions, along with Addresses and Address Groups allow you to group specific
source or destination addresses that require the same policy enforcement. The
address object can include an IPv4 or IPv6 address (single IP, range, subnet), an IP
wildcard address (IPv4 address/wildcard mask) or the FQDN. Alternatively, a region
can be defined by the latitude and longitude coordinates or you can select a country
and define an IP address or IP range. You can then group a collection of address
objects to create an address group object. You can also use dynamic
address groups to dynamically update IP addresses in environments where
host IP addresses change frequently.
Here, we're going to show you how to use Regions to get better
control over the flow of traffic between your branches. Follow these steps to
specify a geographical region to apply policy to.
- Go to ManageConfigurationNGFW and Prisma AccessObjectsAddressRegions.Select Add Region to add a new region to apply policy to.Configure the settings in this table:Region SettingsDescriptionNameSelect a name that describes the region. This name appears in the address list when defining security security rules. Typing text into this field to narrow down a standard list of countries for you to choose from.Geo LocationTo specify latitude and longitude, select this option and specify the values (xxx.xxxxxx format). This information is used in the traffic and threat maps for App-Scope.AddressesUsing any of the following formats, specify an IP address, range of IP addresses, or subnet to identify the region:x.x.x.xx.x.x.x-y.y.y.yx.x.x.x/nSave your configuration.