Business Profiles

Default View

At the Web administration portal at ON NAC -> Business Profiles this will allows to create, review and search information over the business profiles (Policy Groups). Business profiles allows to group policies following different criterion, these can group technical events or business ones :

• Based on technical requirements:

For instance, type of authentication that is being used, this can be MAB (MAC Authentication Bypass), 802.1x with username and password, 802.1x with user certificate…), this can be based on location (building 1, floor 1…), user device characteristics (If this is a Corporate Device with Windows 10 installed), type of users (VPNs, Guest, Partners), type of network access (VPN, Wired or Wifi)

• Based on business requirements:

For instance, identifying marketing department or others, users that belong to any business service (we can use tags in CMDB, workstation attributes or also LDAP/AD attributes for this matter).

As mentioned, the business profiles allows to group policies. is recommended only to use one business profile with a policy, this limitation avoid wrong information representation in the openNAC Analytics.

At the web administration portal, business profiles capabilities can be review and used going to ON -> Business Profiles as shown by the Step 1.

There is not limitation to create as many as needed business profiles to group openNAC events, remember that these events are generated by policies the policy matching.

In order to create a new business profile follow the step 1, as well is very easy to remove the undesirable business profiles as shown by the step 2.

To create a business profile is required to completed a few steps:

Step 1, is required to include a name for the business profile, in this case we select “Business Profile Sample”.

Step 2. We have to choose a color to identify it more easily.

Step 3. Choose the policy or policies that belongs to the business profiles just created, remember that this business profile can include business or technical reasons to group.

Business profiles groups all the events related with a network access requests that match with a policy (Policies or can be also named Access Control entries).

We can set a filter as default one as shown by the step 1, to remove a business profile follow the step 2.

Search engine:

At the Step 3 we can use the name of a workstation that is authenticated in the network as a filter to search about it, any field can be used. This search engine allows us to search information in the business profile, in case you need to search in all the business profile the show all button should be used.

As shown by Step 4 allow us to expand the information provided by default, we can see and add additional information that is not shown as a column, To add a new column is required to press on the button shown by the step 5, in this case is included and choose VLAN ID.

From business profile module to improve incident response time, possible to quarantine or dequarantine any user devices as shown and following the steps 1 and 2, this user device can be send to this isolated network for many reasons (mainly security or compliance ones) Sometimes is required to force policy evaluation in a userdevice, to force this is possible to shutdown and not shutdown the user port to force it, this is call Toggle port and selecting any device can be launched as shown by Step 3.

To apply a filter based on a business profiles this can be done as shown by the step 4.

In order to search information in all the business profile and then not apply any filter, is required to use the button “show all” as shown by the step 5.

Sometimes is required to handle Network access events with other tools, for that matter and in order to export this information to a CSV file press the button Export data shown by the step 1.

Following at business profiles and as shown by the step 1, you can apply as many filters as needed to search specific network access requests.

You can create a filter based on MAC, IP, VLAN ID, Active Domain type of authentication an many others options are available.

Can be created and saved many custom filters as shown by the Step 2.

Is possible to set one custom filter as default following two steps:

Selecting a custom filter as shown by step 3 and press the button shown by the step 4.

Any custom filter can be edited and deleted as shown by the step 5.

Verifying the assets collected Information

Administrator can select one business profile and verify the assets associated to this.

BLUE: The basic information for any asset discovered by openNAC.

GREN: + Symbol can expand information for each asset

RED: Select an asset and take specific actions over singular asset.

The next image contains the information collected for each asset.

RED: The most relevant asset’s information like MAC, IP, how openNAC discover the asset, etc

BLUE: Tags collected, the tags are grouped by certain criteria like Profile, Security, Processes, etc, as image shows.

In default view administrators can manage user device connections performing several actions over each discover asset by right clicking over a single asset and select the desired action to take:

• Force a new asset port connection or/and authentication Toggle Port
• Quarantine and Dequarantine asset
• Force new profiling rules evaluation by Simulate Profiling for each asset

Business Profile Configuration

Is possible to have and create a customized business profiles view as shown by Step 1, you can add new customized view as shown by Step 2.

As soon as the view is created and new section appears as shown by the example of Discovery shown by the Step 3, as soon as you include any business profile to the customized view the number of business profile are shown as shown by Step 4.