Skip to main content

 

 

Cisco Defense Orchestrator

Create or Edit a Firepower Network Object or Network Group

About Network Objects

A Firepower network object can contain a hostname, an IP address or a subnet address expressed in CIDR notation. Network groups are conglomerates of network objects and network groups that are used in access rules, network policies, and NAT rules. You can create, read, update, and delete network objects and network groups using CDO.

IP addresses that can be added to network objects

Device type IPv4 / IPv6 Single Address Range of addresses Partially Qualified Domain Name (PQDN) Subnet using CIDR Notation
Firepower IPv4 / IPv6 Yes Yes Yes Yes

Create a Firepower Network Object

  1. In the CDO navigation bar at the left, click Objects
  2. Click the blue plus button blue_cross_button.png to create an object.
  3. Click FTD > Network.
  4. Enter an Object Name.
  5. Select Create a network object.
  6. In the Value section:
  • Select eq and enter a single IP address, a subnet address expressed in CIDR notation, or a Partially Qualified Domain Name (PQDN).
  • Select range and enter an IP address range. 
  1. Click Add.

Create a Firepower Network Group

A Network Group can contain network objects and network groups. When you are creating a new Network Group, you can search for existing objects by its name, IP addresses, IP address range, or FQDN and add them to the Network Group. If the object isn’t present, you can instantly create that object in the same interface and add it to the Network Group. 

  1. In the CDO navigation bar at the left, click Objects
  2. Click the blue plus button blue_cross_button.png to create an object.
  3. Click FTD > Network.
  4. Enter an Object Name.
  5. Select Create a network group.
  6. In the Values field, enter a new value or the name of an existing network object. When you start typing, CDO provides object names that match your entry. 
  7. If CDO finds a match, click Add to add the network object or network group, to the new network group.
  8. If the object is not present, you can click Add as New Object to create a new object and click the checkmark to save it.
    You can click the edit icon Edit_NetworkObject.JPG to modify the object name.
  9. After adding the required objects, click Add to create a new Network Group.

Edit a Firepower Network Object

  1. In the CDO navigation bar at the left, click Objects
  2. Locate the object you want to edit by using object filters and search field.
  3. Select the network object and Click the edit icon edit.png in the Actions pane.
  4. Edit the values in the dialog box in the same fashion that you created in the procedures above. 
  5. Click Save.
    CDO displays the devices that will be affected by the change.
  6. Click Confirm to finalize the change to the object and any devices affected by it.

Edit a Firepower Network Group

  1. In the CDO navigation bar at the left, click Objects
  2. Locate the network group you want to edit by using object filters and search field.
  3. Select the network group and click the edit icon edit.png in the Actions pane.
  4. Change the object name and description if needed. 
  5. If you want to change the objects or network groups that are already added to the network group, perform the following steps:
    1. Click the edit icon Edit_NetworkObject.JPG appearing beside the object name or network group to modify them.
    2. Click the checkmark to save your changes.
      Note: You can click the remove icon to delete the value from a Network Group. 
  6. If you want to add new network objects or network groups to this network group, you have to perform the following steps:
    1. In the Values field, enter a new value or the name of the existing network object.
      When you start typing, CDO provides object names that match your entry. 
    2. If CDO finds a match, click Add to add the network object to the new network group.
    3. If the object is not present, you can click Add as New Object to create a new object and click the checkmark to save it.
  7. Click Save.
    CDO displays the policies that will be affected by the change.
  8. Click Confirm to finalize the change to the object and any devices affected by it.
  • Was this article helpful?