Skip to main content

 

 

Cisco Defense Orchestrator

Create or Edit a Firepower Security Zone Object

About Security Zone Objects

A security zone is a grouping of interfaces. Zones divide the network into segments to help you manage and classify traffic. You can define multiple zones, but a given interface can be in one zone only. For more information see, Security Zone Object.

A security zone object is not associated with a device unless it is used in a rule for that device. 

Create a Security Zone Object

To create a security zone object, follow these instructions: 

  1. In the Defense Orchestrator interface, select Objects in the navigation pane.
  2. Click the blue plus button blue_cross_button.png and select FTD > Security Zone to create the object.
  3. Give the object a name and, optionally, a description.
  4. Select the interfaces to put in the security zone. 
  5. Click Add.

Edit a Security Zone Object

After onboarding an FTD, you will find there are already at least two security zones, one is the inside_zone and the other is the outside_zone. These zones can be edited or deleted. To edit any security zone object, follow these instructions:

  1. Find the object you want to edit:
  • If you know the name of the object, you can search for it in the Objects page:
  • Filter the list by security zone.
  • Enter the name of the object in the search field. 
  • Select the object.
  • If you know the object is associated with a device, you can search for it starting on the Devices & Services page. 
  • Open the Devices & Services page.
  • Use the device filter and search bar to locate your device.
  • Select the device.
  • In the Management pane at the right, click Objects.png Objects.
  • Use the object filter filter_icon.png and search bar to locate the object you are looking for.

Note: If the security zone object you created is not associated with a rule in a policy for your device, it is considered "unassociated" and you will not see it among the search results for a device. 

  1. Select the object.
  2. Click the Edit icon edit.png in the Actions pane at the right. 
  3. After editing any of the attributes of the object. Click Save
  4. After clicking Save you receive a message explaining how these changes will affect other devices. Click Confirm to save the changes or Cancel. 

Resolving Inconsistent or Unused Security Zone Objects

Security zone objects can be marked inconsistent or unused like other objects. See Resolve Unused Object Issues and Resolve Inconsistent Object Issues for instructions on how to resolve these issues.

Related Topics
  • Was this article helpful?