Service Groups
配置>模板& Policies > ACLs > Service Groups
使用服务组选项卡来查看和管理服务公司ice groups in your SD-WAN network. A service group is a logical collection of protocols and ports that can be referenced in source or destination matching criteria in the zone based firewall and security policies (route, QOS, optimization, and so forth).
NOTE:乐队最多支持500个服务组。
添加a Service Group
请按照以下步骤创建一个新的服务组:
Click添加Group。打开“添加服务组”对话框。
Provide the following details in the fields provided:
场地 Used in Description 团队名字 All Enter a unique name for the group, up to 64 characters long.
NOTE:小组名称只能包含大写字母,数字,点,下划线和连字符。Protocol All 从可用的列表中选择一个协议。 端口包括 TCP, UDP 输入一个或多个端口以包含在组中。支持一个端口,多个逗号分隔的端口和一系列端口(例如20、22、24-30)。 Ports to exclude TCP, UDP Enter one or more ports to exclude from the group, in the case where you are including a range of ports. A single port, multiple comma-separated ports, and a range of ports are supported (e.g., 20, 22, 24-30). Groups to include TCP, UDP 输入一个或多个服务组的名称。
NOTE:组包容性仅支持两个层次的嵌套。例如,如果Group1包括Group2和Group2包括Group3,则您无法在任何地方包含Group1,因为它已经包含两个嵌套的组。Groups to exclude TCP, UDP Enter the name of one or more service groups to exclude, in the case where you are already including a group that includes multiple groups. ICMP类型 ICMP 对于ICMP,添加一个或多个消息类型以包含。支持多种类型和范围(例如1,2,4-8)。 Comment All 输入可选的评论,该评论描述了服务组以及如何使用。 Click添加to create the service group or clickCancelto close the dialog box without making any changes.
将规则添加到服务组
Follow the steps below to add a rule to an existing service group:
选择要在表上方的下拉列表中添加规则的服务组。
Click添加Rule。打开“添加规则对话框”。
在提供的字段中提供新规则的详细信息(请参阅中的字段说明添加a Service Group)。
Click添加创建规则或单击Cancelto close the dialog box without making any changes.
删除a Service Group
Follow the steps below to delete a service group:
Select the service group you want to delete from the drop-down list above the table.
Click删除Group。
A confirmation dialog box opens.
Click删除to confirm your choice and permanently remove the selected group and all of its rules. Otherwise, clickCancel返回列表而无需删除组。
Export Service Groups
You can export the current service groups to a CSV file as a backup to make bulk modifications outside of the Orchestrator UI. Follow the steps below to export service groups.
Click导出CSV。
在“保存”对话框中,浏览到要保存文件的位置,提供文件名,然后单击Save。
Open the saved file in Excel or another program to view or modify its contents.
NOTE:在编辑导出的规则和服务组时,您可以修改协议,包含,排除,ICMP类型或注释,以覆盖相同的规则。但是,如果您在规则上修改了组名称,则导入时会创建一个新规则。
Import Service Groups
请按照以下步骤从CSV文件中导入服务组:
NOTE:You can import a file that was exported and modified, or a new file that contains data in the same rows and columns as the exported file. Columns are ordered as Name, Protocol, Included Ports, Excluded Ports, Included Groups, Excluded Groups, ICMP types, and Comment. The first row of the import file will be ignored.
ClickBulk Import。服务组 - 批量上传对话框打开。
ClickChoose File,找到并选择要导入的CSV文件,然后单击Open。
Review the groups and rules to be imported.
ClickSave导入文件并合并或替换现有服务组,或单击Cancelto close the dialog box without making any changes.
查看一个服务组
By default, all service groups are displayed in the table on the Service Groups tab. To filter the table to a single service group, select the group from the drop-down list above the table.
NOTE:You can only add rules to an existing group when viewing a single service group. You cannot add a group with the same name as an existing group.
Edit or Delete a Rule
要编辑或删除现有规则,请单击规则右侧的编辑图标,然后打开“编辑规则”对话框。
要编辑规则,请修改可用字段,然后单击Save。
To delete the rule, click删除。
在匹配标准中使用服务组
When specifying match criteria for Port, you can use a service group by enabling theSrc:DestandGroupsoptions.
