Managing Nodes

Adding Nodes

Genian NAC automatically detects active nodes and registers them in the node list. Also, You can pre-register and use a node when you allow or deny a node before the node has access to the network.

  1. Go to Management > Node in the top panel
  2. Click Tasks > Node and Device > Add Node
  3. Fill out the Add Node up to the panel.

You can register the node by entering IP only, MAC only, or both.(Other values are optional)

  1. IP as IP address
  2. Additional IP Select this when you want to register multiple consecutive IP nodes.
  3. IP Policy Select when you want to use a specific IP policy.
    • Allow IP
    • Allow IP for Specific MACs
  4. Start Select the start date and time in the calendar. Set the availability start period for the node.
  5. End Select the end date and time in the calendar. Set the availability end period for the node.
  6. IPAM Policy for New Node
    • Allow MAC
    • Enable Conflict Prevention
    • Enable Change Prevention
    • Enable Conflict Prevention / Change Prevention
  7. MAC as MAC address
  8. MAC Policy Select when you want to use a specific MAC policy.
  9. Start Select the start date and time in the calendar. Set the availability start period for the node.
  10. End Select the end date and time in the calendar. Set Set the availability end period for the node.
  11. Sensor The node selects the location of the sensor to be registered.
  12. Node Type Select the type of node to be registered.
  13. Node Delete-Prevention Select whether the node can be deleted. on or off
  14. Click Save

Add Multiple Nodes

You can register multiple nodes at once using CSV file.

  1. Go to Management > Node in the top panel
  2. Click Tasks > Node and Device > Import Nodes
  3. Click Select file CSV menu in Import Nodes up to the panel.
  4. Select the CSV file that you created for the format on your file explorer.
  5. Select the appropriate Sensor from the drop-down menu where the node will be registered.
  6. Click Import

Note

If the format in the CSV file is not correct, the node is not registered.

Remove Node

You can delete inactive Node data to better organize the networks Node view. You can delete inactive Nodes through policies, or manually delete Nodes as they are no longer found on the network.

Manually Remove Inactive Nodes

  1. Go to Management > Node in the top panel
  2. Find desired inactive Nodes. Click Checkbox
  3. Click Tasks > Node and Device > Remove Node

Warning

If a connected and running node is accidentally deleted, that node will instantly re-register.

Remove Inactive Nodes Through Policy

  1. Go to Policy in the top panel
  2. Go to Policy > Node Policy in the left Policy panel
  3. Find and click [Policy Name] in the Node Policy panel
  4. Find Management Policy > Deleting Down Node in the Node Policy panel
  5. Set a time for deleting Nodes after a period of inactivity : 30 (If a Node is offline for a certain period of time, it will be deleted automatically. Default is 30 days)
  6. Click Update
  7. Click Apply in top right corner

Remove Outdated Node

The Policy Server keeps Node information by default up to 3 days after an IP has been changed.

  1. Go to Preferences > General > Node
  2. Find Lifetime > Keeping Outdated Node in the Node
  3. Set a time for deleting Nodes after a period of outdated Node information by IP address change : 3 (Default is 3 days)
  4. Click Update
  5. Click Apply in top right corner

Monitoring Node Host Names

New Nodes can be screened for compliance with a host name policy.

You can define the allowed host name for nodes per their Node Policy. Criteria for allowed node policy can be constructed based off authenticated User Attributes , IP address or regex.

  1. Go to Policy in the top panel #. Go to Policy > Node Policy in the left Policy panel
  2. Find and click [Policy Name] in the Node Policy panel
  3. Find Management Policy > Hostname Policy for New Node and select On.
  4. Enter your standard hostname, or click Use Template to define a compliant host name scheme.

Windows host names may also be changed using the Change Computer Name plugin.

See: Changing Computer Name

Using Node Bucket

The Node bucket is a a grouping tool that can be used for various administrative purposes such as testing or monitoring. It cannot be used for Policy.

Add to Node Bucket

  1. Go to Management > Node in the top panel
  2. Find the desired node(s) and Click the Checkbox on the left of the entry.
  3. Click Tasks > Node and Device > Add To Node Bucket
  4. Click Ok (Nodes added to your Node Bucket will appear in the Management > Node view)

Remove from Node Bucket

  1. Go to Management > Node in the top panel
  2. Go to Sensor Tab > Node Bucket in the left panel
  3. Find Node from Node Bucket window. Click Checkbox
  4. Click Empty button in top right (To clean the entire Node Bucket. Click Empty All)