Skip to content

Addresses

Addresses may comprise of IP address groups, FQDN objects, Resource IDs, Tags Endpoints etc. that can be used in Security Rules and Service Objects.

Address Object Types

  • Static
  • VPC/VNet ID
  • Security Group
  • Instance ID
  • Subnet ID
  • User Defined Tag
  • Applications
  • Storage Bucket
  • Geo IP
  • Service Endpoint

Create an Address Object

  1. Navigate to Manage > Security Policies > Addresses.
  2. Click Create
  3. Enter/Select Object Paramaters per table below. Note: Some parameters will be common to all address object types, and some parameters will appear based on object type only.
  4. Click Save when complete.

Common Address Object Parameters

Parameter Description
Object Name Enter an alphanumeric string to identify the address. Spaces are not allowed, and Object name must be unique.
Object Type Select Address Object type as described below
Auto Update Select to continuously update the members of a "dynamic" address object as they are discovered/learned. As applications are deployed and match a dynamic address object, the IP addresses assigned are automatically added to the address object and inherit the security rules applied to same. Auto Update is disabled for Static and Service Endpoints address objects.
Backend Address Check the box if this address object is used as a target/backend for proxy mode. The checkbox appears only for Static, Applications and Storage Bucket address objects.

Address Object Types

Parameter Description
Static Enter the values for static objects. The values can be either in the form of an IP address or an FQDN.
VPC/VNet ID Select a VPC/VNet ID.
Security Group Select a Security Group ID
Subnet ID Select a Subnet ID
Instance ID Select the Instance ID.
User Defined Tag Select User Defined tag from pulldown.
Applications Enter the Appliaction Tag value you wish to use for this object
Storage Bucket Select Storage Bucket from pulldown. This is currently supported for AWS only.
Service Endpoint Select
Geo IP Select the Geo IP value/s by country code. These are allocated by IANA (https://www.iana.org/numbers). This option enables blocking or allowing access to internet available applications per country This database is maintained by the Valtix services team. Updates are published in the Valtix support portal.
Description (Optional) Add a description for the address object

For certain Object Types, the following will appear based on CSP and Object type selection

Parameter Description
CSP Account Select the CSP Account from pulldown.
Region Select the Region from pulldown.
Resouce Group Select the Resouce Group from pulldown.
VPC/VNet ID Select the VPC/VNet ID from pulldown.
Service Endpoint Select Service Endpoint type from pulldown and based on CSP e.g. AWS -> AMAZON_CONNECT
Instance ID Select the Instance ID.

Address Details

Once a Address object is configured, click the Address Object in the list to view the details. The members detail displays the learned IP addresses based on the address object type selected.