Managing Nodes

Note

Please refer to the Configuring Node Network Connection Health Checks document for checking the status of registered nodes.

Adding Nodes

Genian NAC automatically detects active nodes and registers them in the node list. Also, You can pre-register and use a node when you allow or deny a node before the node has access to the network.

  1. Go to Management > Node in the top panel
  2. Click Tasks > Node and Device > Add Node
  3. Fill out the Add Node up to the panel.

You can register the node by entering IP only, MAC only, or both.(Other values are optional)

  1. IP as IP address
  2. Additional IP Select this when you want to register multiple consecutive IP nodes.
  3. IP Policy Select when you want to use a specific IP policy.
    • Allow IP
    • Allow IP for Specific MACs
  4. Start Select the start date and time in the calendar. Set the availability start period for the node.
  5. End Select the end date and time in the calendar. Set the availability end period for the node.
  6. IPAM Policy for New Node
    • Allow MAC
    • Enable Conflict Prevention
    • Enable Change Prevention
    • Enable Conflict Prevention / Change Prevention
  7. MAC as MAC address
  8. MAC Policy Select when you want to use a specific MAC policy.
  9. Start Select the start date and time in the calendar. Set the availability start period for the node.
  10. End Select the end date and time in the calendar. Set Set the availability end period for the node.
  11. Sensor The node selects the location of the sensor to be registered.
  12. Node Type Select the type of node to be registered.
  13. Node Delete-Prevention Select whether the node can be deleted. on or off
  14. Configure additional fields (if applicable)
  15. Click Save

Add Multiple Nodes

You can register multiple nodes at once using CSV file.

  1. Go to Management > Node in the top panel
  2. Click Tasks > Node and Device > Import Nodes
  3. Click Select file CSV menu in Import Nodes up to the panel.
  4. Select the CSV file that you created for the format on your file explorer.
  5. Select the appropriate Sensor from the drop-down menu where the node will be registered.
  6. Click Import

Note

If the format in the CSV file is not correct, the node is not registered.

Remove Node

You can delete inactive Node data to better organize the networks Node view. You can delete inactive Nodes through policies, or manually delete Nodes as they are no longer found on the network.

Manually Remove Inactive Nodes

  1. Go to Management > Node in the top panel
  2. Find desired inactive Nodes. Click Checkbox
  3. Click Tasks > Node and Device > Remove Node

Warning

If a connected and running node is accidentally deleted, that node will instantly re-register.

Remove Inactive Nodes Through Policy

  1. Go to Policy in the top panel
  2. Go to Policy > Node Policy in the left Policy panel
  3. Find and click [Policy Name] in the Node Policy panel
  4. Find Management Policy > Deleting Down Node in the Node Policy panel
  5. Set a time for deleting Nodes after a period of inactivity : 30 (If a Node is offline for a certain period of time, it will be deleted automatically. Default is 30 days)
  6. Click Update
  7. Click Apply in top right corner

Remove Outdated Node

The Policy Server keeps Node information by default up to 3 days after an IP has been changed.

  1. Go to Preferences > General > Node
  2. Find Lifetime > Keeping Outdated Node in the Node
  3. Set a time for deleting Nodes after a period of outdated Node information by IP address change : 3 (Default is 3 days)
  4. Click Update
  5. Click Apply in top right corner

Monitoring Node Host Names

New Nodes can be screened for compliance with a host name policy.

You can define the allowed host name for nodes per their Node Policy. Criteria for allowed node policy can be constructed based off authenticated User Attributes , IP address or regex.

  1. Go to Policy in the top panel #. Go to Policy > Node Policy in the left Policy panel
  2. Find and click [Policy Name] in the Node Policy panel
  3. Find Management Policy > Hostname Policy for New Node and select On.
  4. Enter your standard hostname, or click Use Template to define a compliant host name scheme.

Windows host names may also be changed using the Change Computer Name plugin.

See: Hostname Change

Using Node Bucket

The Node bucket is a a grouping tool that can be used for various administrative purposes such as testing or monitoring. It cannot be used for Policy.

Add to Node Bucket

  1. Go to Management > Node in the top panel
  2. Find the desired node(s) and Click the Checkbox on the left of the entry.
  3. Click Tasks > Node and Device > Add To Node Bucket
  4. Click Ok (Nodes added to your Node Bucket will appear in the Management > Node view)

Remove from Node Bucket

  1. Go to Management > Node in the top panel
  2. Go to Sensor Tab > Node Bucket in the left panel
  3. Find Node from Node Bucket window. Click Checkbox
  4. Click Empty button in top right (To clean the entire Node Bucket. Click Empty All)

Checking Node Type

Node type is additional information categorized by the system based on data collected from the network sensor and agent.

Note

  1. For details on node type classification, please refer to dpi.
  2. To learn how to create node groups using node types, please refer to Node-group-details.

Creating a New Node Type

To manage device platforms identified through GDPI, a node type must be assigned in the system. If you want to use a custom-defined node type instead of one predefined by the system, you must create a new node type.

  1. Navigate to Settings from the top panel.
  2. From the Attribute Management section on the left, select Node Type Management.
  3. In Select Action, click Create.
  4. Set a name and icon, then click Create.

Assigning a Node Type

Node types defined by the system are assigned automatically, while user-defined types must be assigned manually.

Note

If you assign a confirmed node type, it can be compared against the node type determined from collected data.

  1. Search for the Node to which you want to assign a node type.
  2. Select the node IP and open the Node Info tab.
  3. In the Platform Status section, set the values for Node Type, Assigned, and Confirmed Node Type.
  4. Click the Edit button.
Item Description
Node Type Automatically assigned by the system based on collected information. If the collected data changes, the node type will be updated accordingly.
Node Type (Assigned) Manually assigned by the administrator, not automatically by the system. The assigned type remains even if the collected data changes.
Node Type (Confirmed) Separately assigned manually by the administrator, regardless of the system's automatic type. If the collected data changes, the system-assigned node type may change, but the confirmed node type will remain as specified.