Important

   

Starting from version 8.9.03, BMC Network Automation is renamed to TrueSight Network Automation. This space contains information about TrueSight Network Automation 8.9.03 and the later service packs for 8.9. For earlier releases, see BMC Network Automation 8.9.

About endpoint quarantine actions

TrueSight Network Automation supports quarantine actions on network endpoints such as quarantine actions on a problematic server that is connected to the network through one or more switches.

These endpoint actions can be used to perform the following tasks:

  • Find the name of the closest switch to the specified endpoint.
  • Modify the configuration of the closest switch to the problematic endpoint. This is done for the purpose of restricting access, remediating the behavior of the endpoint (that is, connecting the endpoint to a remediation server), and later restoring network access to the endpoint.

Endpoint actions are initiated by users or by web services clients. Job approvals are the same as those available for other network span actions.

Endpoint action

Description

Find endpoint

Takes as input an endpoint IP address and a bounding span within which to search (entire network is an option). After a job is run, the Job Details page displays the input parameters and the completion status (for example, Succeeded). Select the status value in the Job Details page to view the results in a pop-up. The pop-up shows the name of the managing switch and port, the traceroute transcript, and a list of the devices traversed by the action.

Quarantine endpoint

Takes as input an annotation, an endpoint IP address, a bounding span within which to search, and optional flags to perform trailing commit and mark-as-trusted operations. This action quarantines the endpoint according to the isolation level chosen. The following isolation levels are available:

  • Disable Port
  • Block Endpoint
  • Remediate Endpoint via ACL
  • Remediate Endpoint via VLAN

After a job is run, the Job Details page displays the input parameters and the completion status (for example, Succeeded). Select the status value in the Job Details page to view the results in a pop-up. The result shows the name of the managing switch and port, the traceroute transcript, and a list of the devices traversed by the action.

Unquarantine endpoint

Takes as input an annotation, and endpoint IP address, and optional flags to perform trailing commit and mark-as-trusted operations. When the action executes, it undoes the effects of the quarantine. After a job is run, the Job Details page displays the input parameters and the completion status (for example, Succeeded). Select the status value in the Job Details page to view the results in a pop-up. The result shows the name of the managing switch and port, and the traceroute transcript.

Related topic

Quarantining endpoints

Was this page helpful? Yes No Submitting... Thank you

Comments