Classification Rules
2. Classification
Rule Definition
To define Classification
Rule navigate to All Hosts and top of the page to access Classification Rules.
There are 51 predefined classification rules defined out of the
box. You can use predefined rules, or you can create your rules by clicking button on the up-right
corner.
In the classification rule, there are two parts; one is Tag Query Selection, and second is Rule Settings. In the Tag Query section, you can select target devices which rules will be applied by combining one or more tag queries. In the rule settings page, you can define what actions will be used to selected devices.
Figure 2 Tag Queries Section Of Rule
|
Setting Name |
Explanation |
|
Name |
Name of Rule. |
|
Discard Device |
Set/Unset Discard Flags of the Target Devices. |
|
Perform Authorisation |
Enable Custom Attack Type for the Target Devices. |
|
Attack Type |
Select Attack Type, which will be applied the Target Devices. It
should be used with Perform Authorisation Action. |
|
VLAN/ACL Name |
Set suitable attacking parameters for selected Attack Type (VLAN, ACL
e.t.c). It should be used with Perform
Authorisation Action. |
|
Comment |
Comment string that will be updated Target Device Comment Attribute
in DB. |
|
Object Type |
Change the object Type of Target Devices. |
|
Assign to Group |
Change the Inventory Group information of Target Device. |
|
Folder |
Folder name under which the Target Devices will be listed. This list
accessible in the hover menu on the All Host main menu. |
|
Time Range |
The time range in which rules executed. By default, rules are executed
in all time intervals. |
|
Execution Interval |
How often rules will be executed. By default, all rules executed
every 30 seconds. |
|
Clear Alien Flag |
Clears Alien flag of Target Devices. Is should be used with Discard
Device action. |
|
Overwrite Block Status |
Overwrites existing Block flags of Target Devices if any. It should
be used with Perform Authorisation action. |
|
Status |
Enables/Disabled the rule. |
|
Add to 802.1X MAB List |
Add the Target Device MAC address to MAC Address Based(MAB) authentication
table of Radius Server. It should be used if 802.1X is configured. |
|
MAB List Expire Date |
When the Target Host entries will be expired in MAB table. It
should be used if 802.1X configured. |
|
MAB List VLAN ID |
Enter the VLAN information of MAB Authenticated
devices. |
Table 1 Classification Rule Settings
After defining policy, click the save button. According to your settings rule will be evaluated and you can access your classification results by navigating All Host and clicking hover menu arrow.
Sample Classification rule definition and view as below
Figure 5 Classification Rule Result
Related Articles
Inventory Rules
1. Introduction Although granting network access only to authenticated and legitimate devices is of utmost importance, keeping the security posture at a high level is also necessary. Inventory Rules is used for continuously checking your ...NetCyte Management Main Screen
One of the most crowded screen of NetCyte management platform is Main Screen or "All Host" screen. This part of management platform is designed to show general information about client device, system and other useful functionalities. In this article, ...Tag Queries
1. Introduction Tag Queries are SQL Queries to select target hosts or Client IP Addresses from different tables according to requirements. Tag Queries is executed on Database, and the result set is used as target devices. Tag Queries are used in ...NetCyte DNS Security Quick Deployment Guide
Captive Portal Quick Deployment Guide 1. Summary This document is a summary of the quick deployment of the Captive Portal component of NetCyte NAC solution from pre-configured virtual appliances. 2. Objective The objective of the ...NetCyte Quick Deployment Guide
NetCyte Quick Deployment Document 1. Summary This document is a summary of quick deployment of netCyte NAC solution from preconfigured virtual appliances 2. Objective The objective of the quick deployment is to demonstrate discovery and ...