Jul 01, 2021

PEM Policy Rule - Custom Syntax


I want to change a PEM policy rule.

Instead of adding source or destination IPs in the flow section, I want to use the custom option to point to a data group of the IP addresses.

This is due to the fact I have lots of IP addresses in the source\dst and some repetitive rules that the protocol and action differentiate one from another, so pointing to a shared data group of IP addresses from a single point makes sense to me, to avoid mistakes.

The thing is, I couldn't find anywhere the syntax of pointing to a data group


Thanks in advanced for any help.

