- Overview
- Requirements: CylanceON-PREM
- Configuring the CylanceON-PREM virtual appliance
- Configuring the console
- Setting up the CylancePROTECT agent
- Device management
- Threat management
- Global lists
- Administration
- Managing users
- Managing roles
- Update profile information
- Audit logs
- Managing Certificates
- Setting up email notifications
- Settings
- Upgrade CylanceON-PREM
- Reboot the virtual appliance
- Configure session timeout
- Update CylanceON-PREM SSL certificate version 1.3.1 and later
- Update CylanceON-PREM SSL certificate version 1.2.2.1 and earlier
- Change the certificate cipher mode
- Enable maintenance mode
- Change network settings
- Check an IP address
- Change the log level
- Download logs
- Configure syslog/SIEM settings
- Update database connection settings
- Configure active directory
- Configure identity provider settings
- Using certificate-based authentication
- Add a banner to the login screen
- Applications
- CylanceON-PREM API
- Troubleshooting
- Agent not communicating with CylanceON-PREM
- Web browser reports insecure webpage
- Unable to connect to external database
- Configure static IP using the OVF tool
- Remote server 404 error in log files
- Log in with a local administrator account
- Online Certificate Status Protocol issues
- A user is not receiving email notifications
- Before you contact support
Tag rules
Tag rules automatically assign or remove tags from devices. This helps you automatically organize and manage tags on your devices. If a tag is assigned to a device using a tag rule, and the device later evaluates to
false
, the tag will be automatically removed from the device. You can also manually assign tags to individual devices. For more information, see Assign a tag.Example:
If a device you manually assigned tags to is located in the Portland office and the user transfers to the Austin office, you will need to remove the Portland tag from the device and then assign the Austin tag. If you use tag rules to assign tags and the user transfers to Austin, the tag rule for Portland will evaluate to false
and automatically remove the Portland tag. When the tag rule for the Austin office evaluates to True
, the Austin tag will be assigned to the device. Tag rules are independent of each other and there are no priorities like those used in policy rule sets. Multiple tags can be assigned to a device using tag rules. As long as each tag rule evaluates to
True
, the tag will be assigned. For example, a device can have both an Austin office tag and an Engineering tag assigned to it.Tag rules are deterministic
The same tag cannot be applied both manually and automatically. The reasons behind this are as follows:
- For automatic tagging to be useful, you want the tags to reflect a device’s current state, not the device's past state. This means tags have to be able to be assigned and removed from devices automatically to reflect their current state. In the example above, a device originally sat in the Portland office. When the user transferred to Austin, it would have both Portland and Austin tags assigned unless the Portland tag was removed.
- If you can manually remove a tag that was assigned by a tag rule, it is no longer deterministic. For example, if you have 10 devices that should have the same tag assigned, but the tag can be manually removed from one device, you wouldn't have any way of knowing why the tag wasn't applied to that device. You might wonder if there was an issue with the rule.
Evaluating tag rules
Tag rules are evaluated in the following scenarios:
- Newly created tag rules will evaluate against all devices.
- Edited tag rules will evaluate against all devices.
- A report of updated device attributes will evaluate all tag rules against that device.