Network objects

Network Objects are groups of IP addresses, ports, or other objects that you can share among multiple network access policy rules on the IBM QRadar Network Security appliance. You can use object groups instead of entering data repeatedly.

Attention: You must manually maintain Web Application and Inspection network objects to support security and application data updates.
Note: You can share policies and network objects among multiple appliances registered with the SiteProtector™ System.
You can create six different types of Network Objects on the Network Security appliance:
  • Address objects
  • Application objects
  • Inspection objects
  • Identity objects
  • Response objects (Alert, Packet Capture, and Quarantine)
  • Service objects
  • Schedule objects
You can also create object groups that contain multiple address objects or application objects. In addition, you can limit these objects to traffic on specific source or destination ports.
Example: You configure an Address Name with the IP range 192.0.2.0 - 192.0.2.24 and the name Atlanta_server. You can now use this network object, Atlanta_server, in policies without the need to enter the IP range each time. You can also change the Atlanta_server object in a central place, and the changes automatically take effect in all the policies that use the Atlanta_server object.
Parent topic: Security Protection Settings
Related concepts:
Packet capture objects
Related tasks:
Configuring network access policy rules