SmartGroup Use Case Example

The following are examples of using SmartGroups:

Use Case 1

Angel creates three SmartGroups:

  • Smart Group 1 = SAP_BW

  • Smart Group 2 = SAP_CRM

  • Smart Group 3 = Public CIDR of Hosted S4Hana

Angel has the following business objectives:

  • Allow BW and CRM to talk to PaaS endpoint S4Hana on port 443

  • Deny all traffic between BW and CRM

To achieve Distributed Cloud Firewall (DCF) objectives, Angel does the following in CoPilot Home > Security > Distributed Cloud Firewall:

  • Builds firewalling policies that allow traffic from Smart Group 1 and 2 to talk on port 443 to Smart Group 3.

  • Creates a Deny All Policy for Smart Group 1 to talk to Smart Group 2. Note that after a SmartGroup is part of a policy, all traffic for that SmartGroup is denied unless explicitly allowed by DCF rules.

Use Case 2

Angel creates a SmartGroup named PSF_GW, that will be used in conjunction with the default Public Internet SmartGroup and the blah blah WebGroup to ensure that domains from xxx on the Internet are not sent to the PSF gateway?

Business objective is to block traffic from xxx from reaching the PSF gateway?

  • SmartGroup: PSF_GW

  • WebGroup: include the domains xx and xx

  • Rule? xxx

  1. Create SmartGroup with these properties

  2. Create WebGroup with these properties

  3. Create DCF rule