Adding multiple hosts to a Firewall policy

You can add one host at a time from each firewall rule in a Firewall policy. To eliminate the retyping of each host address or host name for each firewall rule, you can create a single host group with multiple hosts. A host group is accessible from any firewall rule in any Firewall policy. Any changes you make to the host group update automatically in the Firewall policies that reference the group.
When you add a host group to a firewall rule, it adds all the hosts as a single entry. You can remove the hosts from each firewall rule when you don't need them anymore.
To delete the host group from all firewall policies, the group's host address or names get converted to multiple entries in the firewall rule. For example, if a host group has five items, the host group coverts from one entry to five entries in each firewall rule.
  1. To create host groups
  2. Go to
    Endpoint
    >
    Policies
    >
    Policy Components
    .
  3. On the
    Host Groups
    tab, select
    Add Host Group
    .
  4. In the
    Create Host Group
    dialog box, enter a group name, and then click
    Add Host
    .
  5. In the
    Add Host
    dialog box, select
    Save & Add Another
    to add multiple hosts.
  6. When you are done, select
    Save
    and then select
    Yes
    .
    When you update a host group, each Firewall policy that references the host group gets updated automatically and a new policy version is created.
    • Select
      Yes
      to make sure that the new policy version also gets applied to the device groups or policy groups the policy is assigned to.
    • Select
      No
      to refrain from applying the new policy version to the device groups or policy groups the policy is assigned to..
To add host groups to a firewall rule
  1. In a Firewall policy, create a new rule or editing an existing rule.
  2. In the
    Add/Edit Firewall Rule
    dialog box, select
    Hosts
    >
    Only hosts defined by the local/source or remote/destination address below
    .
  3. Select
    Add from Host Group
    , check a host group in the
    Group Name
    column, and select
    Submit
    >
    Submit
    .