2-11
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 2 Objects for Access Control
History for Objects
History for Objects
Feature Name
Platform
Releases Description
Object groups 7.0(1) Object groups simplify ACL creation and maintenance.
We introduced or modified the following commands:
object-group protocol, object-group network,
object-group service, object-group icmp_type.
Regular expressions and policy maps 7.2(1) Regular expressions and policy maps were introduced to be
used under inspection policy maps. The following
commands were introduced: class-map type regex, regex,
match regex.
Objects 8.3(1) Object support was introduced.
We introduced or modified the following commands:
object-network, object-service, object-group network,
object-group service, network object, access-list
extended, access-list webtype, access-list remark.
User Object Groups for Identity Firewall 8.4(2) User object groups for identity firewall were introduced.
We introduced the following commands: object-network
user, user.
Security Group Object Groups for Cisco
TrustSec
8.4(2) Security group object groups for Cisco TrustSec were
introduced.
We introduced the following commands: object-network
security, security.
Mixed IPv4 and IPv6 network object groups 9.0(1) Previously, network object groups could only contain all
IPv4 addresses or all IPv6 addresses. Now network object
groups can support a mix of both IPv4 and IPv6 addresses.
Note You cannot use a mixed object group for NAT.
We modified the following commands: object-group
network.
Extended ACL and object enhancement to filter
ICMP traffic by ICMP code
9.0(1) ICMP traffic can now be permitted/denied based on ICMP
code.
We introduced or modified the following commands:
access-list extended, service-object, service.
To Next Page
Loading...
Need help?
General