Network Objects
A network object can contain a host name, a network IP address, a range of IP addresses, a fully qualified domain name (FQDN), or a subnetwork expressed in CIDR notation. Network groups are conglomerates of network objects and other individual addresses or subnetworks you add to the group. Network objects and network groups are used in access rules, network policies, and NAT rules. You can create, update, and delete network objects and network groups using CDO.
|
Device type |
IPv4 / IPv6 |
Single Address |
Range of addresses |
Fully Qualified Domain Name |
Subnet using CIDR Notation |
|---|---|---|---|---|---|
|
ASA |
IPv4 |
Yes |
Yes |
Yes |
Yes |
|
FTD |
IPv4 and IPv6 |
Yes |
Yes |
Yes |
Yes |
|
Meraki |
IPv4 |
Yes |
Yes |
Yes |
Yes |
|
Device type |
IP Value |
Network Object |
Network Groups |
|---|---|---|---|
|
ASA |
Yes |
Yes |
Yes |
|
FTD |
No |
Yes |
Yes |
|
Meraki |
Yes |
Yes |
Yes |
Viewing Network Objects
Network objects you create using CDO and those CDO recognizes in an onboarded device's configuration are displayed on the Objects page. They are labeled with their object type. This allows you to filter by object type to quickly find the object you are looking for.
When you select a network object on the Objects page, you see the object's values in the Details pane. The Relationships pane shows you if the object is used in a policy and on what device the object is stored.
When you click on a network group you see the contents of that group. The network group is a conglomerate of all the values given to it by the network objects.