Node Group Details
In Genian NAC, node groups can be categorized into two types: Node Policy-only Node Groups (Policy Groups) and General Node Groups (Status Groups).
In general, node groups are used when establishing policies and can be applied in node policies and control policies.
Checking Conditions for Creating Node Policy-only Node Groups
Node policy-only node groups are based on node-related information such as node type, IP/MAC address, user information, and authentication.
These node groups can be used in node policies.
| Item | Description |
|---|---|
| IPv6 Address | Creates a group based on the node’s IPv6 address. |
| IP Management | Creates a group based on IP management policies used in NAC. |
| IP Address | Creates a group based on the node’s IPv4 address. |
| MAC + IP Address | Creates a group based on the node’s IPv4 address and MAC address. |
| MAC Address | Creates a group based on the node’s MAC address. |
| Node Type | Creates a group based on the node type classified by NAC. |
| Registration Status | Creates a group based on whether the node is registered on the policy server. |
| Registration Date | Creates a group based on the registration time of the node in NAC. |
| Sensor | Creates a group based on network sensors and registered nodes on those sensors. |
| Time | Creates a group based on current time using time objects. |
| Agent | Creates a group based on the installation and operation status of the NAC agent. |
| Authenticated User | Creates a group based on authenticated users when NAC's user authentication is in use. |
| Device Owner | Creates a group based on the device owner information set on the node. |
| Policy Group | Creates a group that includes another policy group. (Only one level of nesting is allowed) |
| Tag | Creates a group based on tag information assigned to nodes. |
Checking Conditions for Creating General Node Groups
General node groups are based on node status and results derived from various related conditions.
Note
General node groups include all conditions of policy-only node groups, but cannot be used in node policies.
| Category | Description | Items | |
|---|---|---|---|
| Policy | Creates a group based on policies defined in NAC. | IP Management, Node Group, Node Policy, Authenticated User, Tag, Hostname Restriction | |
| Sensor Info | Creates a group based on information collected from network sensors. | Node Type, Service, Sensor, Up/Down Status, Open Ports, OS Type | |
| Traffic, Platform, Host/Domain Name | |||
| Agent Info | Creates a group based on information collected from agents. | USB Device Info, WMI Data Collection, Uptime, Account Password Verification, Network, AV Info | |
| Software, System, System User Account, Agent Status, Agent Actions, OS Updates | |||
| Device Info | Creates a group based on information set on devices. | Device Name, Description, Manufacturing Date, Purchase Source, Start/End of Lifespan | |
| Serial Number, Purchase Cost, Responsible Person/Department, Memo | |||
| Additional Info | Creates a group based on GPI integration and additional field values. | GPI Score, GPI Inspection Result | |
| Uncategorized | Creates a group based on conditions not classified into specific types. | Registration Status, IPv6 Address, IP Address, MAC + IP, MAC Address, NAT,Registration Date, Consent | |
| Name/Description, Built-in Wireless, Device Owner, Connected AP/Device/Port, Platform CVEs | |||