Hosts and Groups


The Hosts and Groups application simplifies management of objects on a network which can be identified by IP address, Domain, MAC Address or service. These objects can also be members of groups based on IP, Domain, MAC and Service. Objects are then linked with different advanced firewall application configurations and these configurations are automatically updated with any changes to objects without the need for any further configuration. This feature greatly simplifies the management of rules, policies and schedules across the CE XDR network.


The Hosts and Groups application is installed by default and can be accessed from the left-hand navigation panel.


Left-hand Navigation Panel > System Configuration > Hosts and Groups Navigate_to_hosts_and_groups

Note: It is suggested to set up Groups ahead of defining Hosts to make the process simpler if you plan to utilise your own custom Groups.


The Hosts and Groups application provides a list of default IP Hosts and Services that can be used while creating advanced firewall rules.

The screenshot below shows the default IP Hosts policy objects namely, HOME_NET, RP_DNS_SERVERS, and RP_NETWORK_SERVERS. HOME_NET consists of IP addresses of the LAN, VLAN, Virtual and Wi-Fi interfaces of the Crystal Eye XDR. HOME_NET gets updated with the CE XDR the interface IP address as and when its created.

crystal-eye-xdr-default_policy_objects1

The screenshot below shows the default policy objects of Services such as, Distributed Network Protocol 3 (DNP3), File Transfer Protocol, Generic Network Virtualization Encapsulation (Geneve), Hypertext Transfer Protocol (HTTP), MODBUS, Oracle Database Listener Port, Secure Shell Protocol, Teredo Ports and VXLAN Ports.

crystal-eye-xdr-default_policy_objects2

The app also allows users to create firewall objects to represent a variety of items in a firewall rule such as IP Host, IP Host Group, Domain, Domain Group, MAC Hosts, MAC Hosts Groups, Services and Service Group.

The application has a dedicated section to create custom policy objects and has a range of preconfigured firewall objects that can be actively used to create advanced firewall rules. One of the most important advantages of using Crystal Eye XDR’s policy object is that it allows users to reuse it while creating firewall rules.

Advantages of Using Policy Objects:

  • It becomes easy to reference a bunch of hosts or groups such as an IP host, MAC host, domain, domain groups and service groups.

  • Policy objects are used in CE XDR’s advanced firewall rules. The maintenance of these rules is further simplified with policy objects since the updates done in them are automatically updated in the entire set of firewall rules.


The CE XDR’s Hosts and Groups application can be used to create custom policy objects for a particular IP host or for the entire network. Each IP Host policy object created is aligned to an IP Host Group and can have an IP address type as IPV4 or IPV6.

Note: Read Using Default and Custom Policy Objects to know more about the default IP Host objects.

These custom and default IP Host Policy Objects are used to create advanced firewall rules in the CE XDR.

How to create an IP Host policy object?

Step 1: In the Hosts and Groups application page, select the IP Host tab. crystal-eye-xdr-ip-host-policy-object1

Step 2: You will now see the IP Host page. Click the Add button. crystal-eye-xdr-ip-host-policy-object2

Step 3: You will see the Add IP Host page. Perform the following sub-tasks to create the IP Host policy object.

  • Name of the IP Host object
  • Select the IP family as IPv4 or IPv6
  • Select whether the object is an IP or a Network
  • Select the group from the dropdown
  • Enter the description of the IP Host object.
  • Click the Add button. crystal-eye-xdr-ip-host-policy-object3-a

Note: The following screenshot shows the default IP Host Groups that you can choose from. However, a custom IP Host Group object can also be created as discussed in the following ‘how to’ configuration steps. crystal-eye-xdr-ip-host-policy-object4

How to create an IP Host Group object?

Step 1: In the Hosts and Groups application, select the IP Host Group tab. crystal-eye-xdr-ip-host-group-object1

Step 2: You will see the IP Host Group page. Click the Add button crystal-eye-xdr-ip-host-group-object2

Step 3: You will now be directed to the Add IP Host Page. Enter the Name of the IP Host Group, the description and click the Add Button. crystal-eye-xdr-ip-host-group-object3


The Domain and Domain Group objects allows CE XDR administrators to define a DNS domain by its name and use it in access control policy rules in the advanced firewall traffic rules.

How to create a Domain object?

Step 1: In the Host and Groups application, click the Domain tab. crystal-eye-xdr-domain-object1

Step 2: You will see the Add Domain page. Enter the Name of the Domain object in the textbox. crystal-eye-xdr-domain-object2

Step 3: Enter the Domain Name in the Value textbox. crystal-eye-xdr-domain-object3

Step 4: Select the Domain Group from the dropdown.

Note: You will notice that the Group dropdown consists of just one default domain group labelled as ‘Default Domain Group’. Custom domain groups can be created under the Domain group tab.

Step 5: Enter the Description in the textbox and click the Add button. crystal-eye-xdr-domain-object5


This feature of the Hosts and Groups application allows users to create MAC Hosts based firewall objects that can be used to create MAC address-based firewall rules.

Step 1: In the Host and Groups application, click the MAC Hosts tab. crystal-eye-xdr-mac-object1

Step 2: You will see the Add MAC Hosts page. Click the Add button. crystal-eye-xdr-mac-object2

Step 3: You will be directed to the Add MAC Hosts page. Enter the Name of the MAC Host in the textbox. crystal-eye-xdr-mac-object3

Step 4: Enter the MAC address of the host in the textbox. crystal-eye-xdr-mac-object4

Step 5: Select the Mac Hosts group in the Group dropdown. crystal-eye-xdr-mac-object5

Note: You will notice that the Mac Hosts Group dropdown consists of just two default MAC Host group labelled as ‘Default Mac Host Group’ and ‘Media’. Custom domain groups can be created under the MAC Host Group tab.

Step 6: Enter the Description in the textbox and click the Add button. crystal-eye-xdr-mac-object6


The Hosts and Groups application of the CE XDR allows administrators to create policy objects of services and service groups that are further used to define ports in the firewall rules.

Step 1: In the Host and Groups application, click the Services tab. crystal-eye-xdr-service-object1

Step 2: You will see the Services page. Click the Add button.crystal-eye-xdr-service-object2

Step 3: You will be directed to the Add Services page. Enter the Name of the Service Port in the textbox. crystal-eye-xdr-service-object3

Step 4: Enter the Port Number in the textbox. crystal-eye-xdr-service-object4

Step 5: Select the Service group in the Group dropdown. crystal-eye-xdr-service-object5

Note: You will notice that the Service Group dropdown consists of just two default service group labelled as ‘Default Service Group’ and ‘Default IDPS Service Group’ and ‘Shell Code Ports’. Custom domain groups can be created under the Service Group tab.

Step 6: Enter the Description in the textbox and click the Add button. crystal-eye-xdr-service-object6