2.8.8 Managing the network control list
By using the network control list, you can control network access at the device level. You can also specify a time period during which a device is permitted to access the network. Newly discovered devices are automatically registered in the network control list, but an administrator can register devices manually when needed.
To control network access at the device level, add devices to the network control list.
You can change the network access of a specific device by editing its entry in the network control list.
Devices that were manually added to the network control list, and devices that are out of the network control list automatic update target in a multi-server configuration can be removed from the list.
Information (in the network control list) about whether the devices are permitted to connect to the network can be exported or imported from the operation window.
Fore details about managing the network control list, see the description of managing the network control list in the manual JP1/IT Desktop Management 2 Administration Guide.
- Tip
-
By combining network monitor settings with the contents of the network control list, you can use a whitelist or blacklist approach to controlling network access.
- Tip
-
You can update the network control list for the management server by executing the network control command (jdnrnetctrl command).
- Tip
-
-
When the Enable all automatic updates check box is selected in the Automatic Updates on Network Filter List dialog box: If you delete a device whose network access is set to Permit, the device is also deleted from the network control list. This prevents the information for the device from being misused in the future. Conversely, if you delete a device whose network access is set to Not Permit, the device remains in the network control list to ensure the Not Permit setting is maintained if the device is changed.
-
When the Enable all automatic updates check box is not selected in the Automatic Updates on Network Filter List dialog box (that is, automatic updating for only additions is enabled): If you delete a device, the entry for the device remains in the network control list regardless of whether Permit or Not Permit is set.
-
- Important
-
When you use a MAC address to enter a device in the network control list, the MAC address is correlated with any device information JP1/IT Desktop management collects for the device. This means that the host name or other information will be displayed instead of the MAC address. After this occurs, you can no longer delete the device from the network control list window. To delete such a device, use the Settings module.
- Tip
-
When you register new device information or edit existing device information in the network control list, the Reviewed check box of the device in question becomes selected. This check box indicates devices that require the administrator's attention and ensures that devices are not unintentionally blocked or permitted to connect to the network. The administrator must check the devices for which the Reviewed check box is selected, and then clear the check box after verifying that there are no problems. Note that the check box can be cleared at any time.
Related Topics: