Tags Configuration

Inside ON CMDB -> Tags, the TAGs can be managed.

There are two types of TAGS that can be used:

  • Tags of Network Devices: Are tags that are associated to Network devices.
  • Tags of User Devices: Are tags that are associated to User Devices.
../../../_images/ONCMDB_SECURITY_TAGS_user-devices.png

Tags of Network Devices

As we have described Tags are one of the key openNAC components that allow us to enrich product capabilities and provide more flexibility.

For that matter and going to ON CMDB -> Tags -> Tags Network Devices as shown by the step1 is possible to define two types of Tags as shown by the orange square and the step 2.

The tags includes parts that must be filled up:

Name: Allow us to assign a name for the Tags, remember that there is a recommended standard for naming as shown by the step 4.

Description: Allow us to define a description to identify the Tags properly as shown by the step 5.

TTL: This parameter allow us to define a Time to Live, every tag has a TTL to define how may minutes this have to be calculated, tags can be dynamic. If we define the TTL to 0, this means that tags never goes to out of date or refresh its values, this is shown by the step 6.

In order to understand much better the TTL, for instance, if we have to create a group of authorized MAC Addresses (Media Access Control) for MAB (MAC Authentication Bypass) is mandatory to assign a tag in every MAC Address assigning an expiration time to 0 (TTL=0), this will guarantee that the Tags will be always assigned to device that use the MAC to be authenticated and never will be deleted.

../../../_images/oncmdbtags_nd.PNG

Tags of User Devices

User devices as shown by Step1 showns the tags related with userdevices, is possible to add any tags, define a description and TTL in minutes as shown by step 2

../../../_images/Tags_userdevices1.png

Going to ON CMDB -> Tags -> Tags of User Devices is possible to define tags for user devices as shown by the Step 1.

The User device tags includes fields that must be filled up:

Name: The step 2 allows us to assign a name for the Tags, remember that there is a recommended to follow a standard for tag names.

Description: Allow us to define a description to identify the Tags properly as shown by the step 3

TTL: The step 4 allow us to define a Time to Live, every tag has a TTL to define how may minutes this tag remains associated with CMDB Asset (User device, network devices …) , one of the default values assigned to the “Tags of User devices” are 1440 minutes (24 hours).

We can review User devices tags going to the ON CMDB -> User devices, editing any registered user device and pressing to “General info” TAB is possible to see all the Tags assigned as shown by Step 5.

../../../_images/oncmdbtags_ud.PNG

In the system you can see the tags in different places, to view the tags associated with userdevices we can go to ON CMDB -> User Devices and view the Tags assigned to this asset selected as shown by Step 5.

Tags Configuration

For openNAC Technologies TAGs is a key components because these tags are being used in different parts of the configuration.

Tags by default has a TTL value in minutes, this value define the time associate with the tags, it’s the life time for the tags, if the tag includes a TTL of 0 the tags will keep forever in the system.

../../../_images/tags_conf.png

Grouping CMDB Assets and its status, protocol identification, software inventory, security status, type of assets, Ports openned for instance..

For more detail about openNAC Tags review Tags Table.