×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Important

   

This version of the product has reached end of support. The documentation is available for your convenience. However, you must be logged in to access it. You will not be able to leave comments.
TrueSight Network Automation 8.9 ... Getting started Key concepts

About endpoint quarantine actions

TrueSight Network Automation supports quarantine actions on network endpoints such as quarantine actions on a problematic server that is connected to the network through one or more switches.

These endpoint actions can be used to perform the following tasks:

  • Find the name of the closest switch to the specified endpoint.
  • Modify the configuration of the closest switch to the problematic endpoint. This is done for the purpose of restricting access, remediating the behavior of the endpoint (that is, connecting the endpoint to a remediation server), and later restoring network access to the endpoint.

Endpoint actions are initiated by users or by web services clients. Job approvals are the same as those available for other network span actions.

Endpoint action

Description

Find endpoint

Takes as input an endpoint IP address and a bounding span within which to search (entire network is an option). After a job is run, the Job Details page displays the input parameters and the completion status (for example, Succeeded). Select the status value in the Job Details page to view the results in a pop-up. The pop-up shows the name of the managing switch and port, the traceroute transcript, and a list of the devices traversed by the action.

Quarantine endpoint

Takes as input an annotation, an endpoint IP address, a bounding span within which to search, and optional flags to perform trailing commit and mark-as-trusted operations. This action quarantines the endpoint according to the isolation level chosen. The following isolation levels are available:

  • Disable Port
  • Block Endpoint
  • Remediate Endpoint via ACL
  • Remediate Endpoint via VLAN

After a job is run, the Job Details page displays the input parameters and the completion status (for example, Succeeded). Select the status value in the Job Details page to view the results in a pop-up. The result shows the name of the managing switch and port, the traceroute transcript, and a list of the devices traversed by the action.

Unquarantine endpoint

Takes as input an annotation, and endpoint IP address, and optional flags to perform trailing commit and mark-as-trusted operations. When the action executes, it undoes the effects of the quarantine. After a job is run, the Job Details page displays the input parameters and the completion status (for example, Succeeded). Select the status value in the Job Details page to view the results in a pop-up. The result shows the name of the managing switch and port, and the traceroute transcript.

Related topic

Quarantining endpoints

Was this page helpful? Yes No Submitting... Thank you
Last modified by Sulekha Gulati on May 18, 2018
concept overview action quarantine endpoint job

Comments

Log in or register to comment.

About network span actions
About Virtual Data Center
© Copyright 2013 - 2019 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.