SmartGroup Use Case
The following is an example of using SmartGroups:
Angel creates three SmartGroups:
-
Smart Group 1 = SAP_BW
-
Smart Group 2 = SAP_CRM
-
Smart Group 3 = Public CIDR of Hosted S4Hana
Angel has the following business objectives:
-
Allow BW and CRM to talk to PaaS endpoint S4Hana on port 443
-
Deny all traffic between BW and CRM
To achieve Distributed Cloud Firewall (DCF) objectives, Angel does the following in Security > Distributed Cloud Firewall:
-
Builds firewalling policies that allow traffic from Smart Group 1 and 2 to talk on port 443 to Smart Group 3.
-
Creates a Deny All Policy for Smart Group 1 to talk to Smart Group 2. Note that after a SmartGroup is part of a policy, all traffic for that SmartGroup is denied unless explicitly allowed by DCF rules.