Policy Objects
Focus
Focus
Network Security

Policy Objects

Table of Contents

Policy Objects

Learn how to configure objects that you can use with policies
Where Can I Use This?What Do I Need?
  • NGFW (Cloud Managed)
  • NGFW (PAN-OS & Panorama Managed)
  • Prisma Access (Managed by Strata Cloud Manager)
  • Prisma Access (Managed by Panorama)
Check for any license or role requirements for the products you're using.
Objects enable you to construct, schedule, and search for security rules. Think of an object as a container that groups specific policy filter values—such as IP addresses, URLs, applications, users, or services—for simplified rule definition. Use them to define and group entities, settings, or preferences. An address object, for example, might contain specific IP address definitions for the web and application servers in your DMZ zone. With policy objects that are a collective unit, you can reference the object in a Security policy instead of manually selecting multiple objects one at a time. Typically, when creating a policy object, you group objects that require similar permissions in policy. For example, if your organization uses a set of server IP addresses for authenticating users, you can group the set of server IP addresses as an address group policy object and reference the address group in the Security policy. When you update an object definition (or if it can be updated dynamically), the security rules referencing that object automatically enforce your latest changes. By grouping objects, you can significantly reduce the administrative overhead in creating policies.
You can use the objects listed in this section together with Security profiles in all or some of the policy types.