Skip to main content

Configuration

Network Settings

In the Configuration > Network Settings page, you can configure settings related to Network inventory, such as: saving filters, retaining the last browsed location, creating and managing scheduled rules for deleting unused endpoints.

The options are organized into the following sections:

General Network inventory settings

Under the Network Inventory settings section, the following options are available:

  • Save Network inventory filters. Select this option to save your filters in the Network page between Control Center sessions.

  • Remember last browsed location in Network inventory until I log out. Select this check box to save the last location you have accessed when leaving the Network page. The location is not saved between sessions.

  • Automatically copy the label of the Relay to connected endpoints, if not specified otherwise. Select this option if you want the label you assigned to a specific relay to be automatically added to all endpoints assigned to it.

    Note

    This will not overwrite any labels previously added to said endpoints.

  • Avoid duplicates of cloned endpoints. Select this option to enable a new type of network objects in GravityZone, called golden images. This way you can differentiate the source endpoints from their clones. Further on, you need to mark each endpoint you clone as follows:

    1. Log in to GravityZone Control Center.

    2. Go to the Network page from the left side menu.

    3. Select the endpoint you want to clone.

    4. From its contextual menu, select Mark as Golden Image.

  • Add MAC address to endpoint name. Select this option if you want to view the MAC address of the endpoint at the end of its name in Network Inventory. This option applies only to endpoints in Custom Groups and to VMware inventories, after thy synchronize with Control Center.

Offline machines cleanup

Under the Configuration > Network Settings > Offline machines clean up section, create rules to automatically delete unused endpoints from the Network Inventory.

configuration-offline_machines-cleanup-on_premises.png

Creating rules

To create a cleanup rule:

  1. Under the Offline machines cleanup section, click the Add rule button. The configuration page is displayed.

  2. Enter a rule name.

  3. Specify the amount of time for which the machines are offline. Select the time unit - hours or days, from the drop-down list, and enter the number in the next field.

  4. Under the Cleanup criteria section, select the hour when the rule should start to run.

    If you select hours, the rule applies every hour, starting with the one you have selected.

    If you select days, the rule applies daily at the specified hour.

  5. Enter a name pattern, which can apply to all endpoints. This field is case sensitive and accepts only letters, digits, wildcards (* and ?), underscore (_), and hyphen (-). For example, use machine_1 to delete the machine with this name, or machine_* to delete all machines whose name begin with machine_. Or you can use * to apply the rule to all machines regardless their name.

    Note

    The asterisk (*) wildcard can replace mulnotele characters, while the question mark (?) wildcard can only replace one character.

  6. Select the target groups of endpoints in Network inventory where to apply the rule.

  7. Click Save.

Note

The cleanup rules can be set for the following intervals:

  • Between 1 and 730 days

  • Between 1 and 23 hours

Viewing and managing rules

The Network Settings > Offline machines cleanup section displays all the rules you have created. A dedicated table provides you with the following details:

  • Rule name

  • The number of days since the machines went offline

  • Machine name pattern

  • Location in the Network Inventory

  • The number of machines deleted in the last 24 hours

  • State: enabled, disabled, or invalid

    Note

    A rule is invalid when targets are no longer valid, due to certain reasons. For example, the endpoints have been deleted or you do not have access to them anymore.

A newly created rule is enabled by default. You can enable and disable rules at any time by using the On/Off switch in the State column.

If needed, use the sorting and filtering options at the upper side of the table to find specific rules.

To modify a rule:

  1. Click the name of the rule.

  2. In the configuration page, edit the rule details.

  3. Click Save.

Security Server Settings

Security Servers use their caching mechanism to deduplicate antimalware scanning, optimizing this process. One step further with scanning optimization is to share this cache with other Security Servers.

Cache sharing works only between Security Servers of the same type. For example, a Security Server Multi-Platform will share its cache only with another Security Server Multi-Platform and not with a Security Server for NSX.

To enable and configure cache sharing:

  1. Go to the Configuration > Security Server Settings page.

  2. Select the Security Server Cache Sharing check box.

  3. Choose the sharing scope:

    • All available Security Servers. It is recommended to use this option if all Security Servers are in the same network.

    • Security Servers available in the Assignment list. Use this option when Security Servers are spread in different networks and cache sharing may generate a high amount of traffic.

  4. If limiting the scope, create the group of Security Servers.

    1. Select the Security Servers from the drop-down list and click Add.

      Only Security Servers in the table will share their cache.

    Note

    Security Servers for NSX-T and NSX-V exchange cache information only within the same vCenter Server.

  5. Click Save.

In this section: