How to Create a Network Resource

Network Resource groups provide a quick and easy way to define traffic classification rules for groups of network resources such as routers, VoIP (Voice over IP) gateways, and servers. You create a network resource group by defining a list of MAC or IP addresses for the resources that you want included in the group.

In addition, you can use Network Resource Topologies to define a different resource list for different groups of devices in your domain. This enables you to set up network resource access based on the location where end users authenticate.

Once a network resource group has been defined, you can associate it with an Automated service (see How to Create a Service for more information). The Automated service automatically creates a rule with a specified action (class of service and/or access control), for each resource address in the network resource group. Automated rule types include Layer 2 MAC Address rules, Layer 3 IP Address and IP Socket rules, and Layer 4 IP UDP Port and IP TCP Port rules.

You can also create Global Network Resources which will be shared between all your domains and can be used by global automated services. Network Resource Topologies are not available for Global Network Resources.

  TIP: The Policy Manager Demo.pmd file contains examples of network resource groups that you might want to create, such as Internet Proxy Servers and SAP Servers.

How to Create a Network Resource

  1. From the Edit menu, select Network Resources Configuration. The Network Resource Configuration window opens.
  2. Right-click the Network Resources folder and select Create Network Resource. A New Network Resource item is created in the left panel in a highlighted box. (If you want to create a Global Network Resource, click on the Global Network Resources folder.)
  3. Type the resource name in the highlighted box.
  4. In the right-panel General tab, use the Edit button to add a description of the network resource, if desired.
  5. Select the network resource Type:
    • Layer 2 MAC - Define a group of network resources using MAC addresses.
    • Layer 3 IP - Define a group of network resources using IP addresses.
  6. Select the appropriate network resource topology. Network Resource Topologies are used to divide the devices in a domain into groups called islands. You can then define a unique resource list for each island within that topology, allowing user access to resources on the network based on the physical location at which they authenticate. If you are not using topologies to group your devices, select the Domain Wide topology, which contains just one island for all your domain devices.
  7. For each topology island included in the selected topology, you will see a tab where you can list the resources for that specific island. Use the address field (MAC or IP, depending on the selected type) to add a new resource to the list. Use the Copy and Paste buttons to copy a resource address from one island and paste it into another island.
Once a network resources group has been created and defined, it can be associated with an Automated service (see How to Create a Service for more information).
 TIP:To quickly view what resources belong to a device, select the device (not the device type folder) in the Device Support tab for the automated service or the role that includes that service.

How to Create a Network Resource Topology

  1. From the Edit menu, select Network Resources Configuration. The Network Resource Configuration window opens.
  2. Right-click the Network Resource Topologies folder and select Create Network Resource Topology. A New Network Resource Topology item is created in the left panel in a highlighted box.
  3. Type the topology name in the highlighted box.
  4. Expand the topology to see the Default Island, which contains all the devices in the domain.
  5. Right-click on the topology and select Create Network Resource Island. Type in the island name in the highlighted box. Use this step to create all the islands for this topology.
  6. Right-click on an island and select Modify Island Device Membership to open the Island Device Membership window where you can move devices from the Default Island to the islands you just created. Click OK.
  7. Set any island as the [Default] island for new devices that are added to the domain by right-clicking the island and selecting Set as Default Island for New Devices.

The Network Resource Topology will now be available for selection when you create your network resources.

Related Information

For information on related tasks:

For information on related windows:

top