Policy & Objects : Managing objects and dynamic objects
 
Managing objects and dynamic objects
All objects within an ADOM are managed by a single database unique to that ADOM. Objects inside that database can include items such as addresses, services, intrusion protection definitions, antivirus signatures, web filtering profiles, etc.
When making changes to an object within the object database, changes are reflected immediately within the policy table in the Web-based Manager. No copying to the database is required.
Dynamic objects are used to map a single logical object to a unique definition per device. Addresses, interfaces, virtual IPs, and an IP pool can all be addressed dynamically.
 
Not all policy and object options are enabled by default. To configure the enabled options, select the Display Options icon and select the display options in the dialog window. Select OK to save the setting.
Objects and dynamic objects are managed in lower frame of the Policy & Objects tab. The available objects varies depending on the specific ADOM selected.
Figure 217: Objects list
Objects can be dragged and dropped from the object frame into specific cells of a given policy. For example, an address object can be dragged into the source or destination cells of a policy. For more information see “Drag and drop objects”.
To view more information about an object in a policy, hover the pointer over the cell that contains that object. After one second, a tool tip will appear giving information about the object or objects in that cell.
Table 13: Objects and Global Objects 
Objects Type
Available Objects
Level
Zone
Zone
Create a new zone.
ADOM and Global
Firewall Objects
Address
Create a new Address, Address Group, IPv6 Address, or IPv6 Address Group.
Service
Create a new Service (Firewall or Explicit Proxy) or Service Group.
Schedule
Create a new Recurring Schedule, One-time Schedule, or Schedule Group.
Traffic Shaper
Create a new Shared Shaper or Per-IP Shaper.
Virtual IP
Create a new IPv4 Virtual IP, IPv6 Virtual IP, NAT64 Virtual IP, NAT46 Virtual IP, IPv4 VIP Group, IPv6 VIP Group, NAT64 VIP Group, NAT 46 VIP Group, IP Pool, or IPv6 IP Pool.
Load Balance
Virtual Server
Real Server
Health Check Monitor
Web Proxy
Create a new Web Proxy Forwarding Server.
ADOM and Global
Note: Load Balance and Web Proxy are available at the ADOM level only.
Security Profiles
AntiVirus Profile
Web Filter Profile
Application Sensor
IPS Sensor
Email Filter Profile
Data Leak Prevention Sensor
VoIP Profile
ICAP Profile
MMS Profile
Create a new MMS Profile. (FortiCarrier only)
GTP Profile
Create a new GTP Profile. (FortiCarrier only)
Advanced
Application List
Create a Custom Application Signature.
Web Content Filter
Web URL Filter
Local Category
Rating Overrides
Create a New Local Rating.
IPS Custom Signature
Create a New Custom Signature.
Email List
File Filter
Detection List
ICAP Server
Create a New ICAP Server.
Proxy Options
Create new Proxy Options.
SSL/SSH Inspection
Create New Deep Inspection Options.
Profile Group
Create a new Profile Group.
SSL VPN Portal
Create a new SSL-VPN Portal.
ADOM and Global
User & Device
User Definition
Create a New User.
User Group
Create a New User Group.
Device
Create a new Device or Device Group.
Remote
Create a new LDAP, RADIUS, or TACACS+ Server.
PKI
Create a New PKI User.
SMS Service
Create a new SMS Server.
FortiToken
Add a new FortiToken.
Single Sign-On
Create a New RADIUS Single Sign-On Agent and Retrieve FSSO Agent.
ADOM and Global
WAN Opt
Profile
Create a new WAN Optimization Profile.
Peer
Create a new WAN Optimization Peer.
Authentication Group
Create a new Authentication Group.
ADOM and Global
Dynamic Objects
Local Certificate
Create a New Dynamic Local Certificate.
VPN Tunnel
Create a New Dynamic VPN Tunnel.
ADOM only
CA Certificates
CA Certificate
Import and view CA Certificates.
ADOM only
Tag Management
Tag Management
Create a new Tag.
ADOM and Global