Importing Security Groups from a CSV File

This section describes how to create security groups in batches by importing security groups from a CSV file to a FW.

Have available a CSV file. A CSV file can be obtained in either of the following ways:

Exporting security groups information on a FW into a CSV file. For details on how to export a CSV file, see Follow-up Procedure in Creating Security Groups.
Log in to the Web UI of the device, choose Object > User > User Import > Local Import > Security Group Import to download a CSV template. Read the instructions on the CSV template and fill in security groups information. Figure 1 shows a CSV file.

The CSV file can contain Chinese characters, English letters, digits, and special characters.

A security group name cannot contain any commas (,), quotation marks ("), question marks (?), slashes (/), or at sign (@).

The names of a security group and its parent group in a non-default authentication domain must contain @authentication-domain-name. For example, test@domain1 indicates security group test in the domain1 authentication domain.

Figure 1 CSV file format

The following rules apply when you import security groups in batches:

The name of a CSV file must end with the extension .csv.
If the number of security groups reaches the upper limit, the import process stops, and no more security groups can be imported. If the attribute of a security group in the CSV file is invalid, this security group cannot be imported.
After a CSV file is successfully imported, security groups information only exists in the memory. Save configurations immediately. Otherwise, security groups information may be lost after the FW restarts.
In the dual-system hot backup scenario, you need to import a CSV file to both the active and standby FWs. This is because the active FW does not automatically synchronize the imported security groups to the standby FW.