Networks
Description
Operator can define the subnets that compose the internal network, in order to manage the IP address space. The main goal is to manage a limited resource as IP address is.
Soffid supports both static and dynamic IP assignment. Anyway, static IP management does not exclude the use of DHCP o BOOTP protocols in order to get them.
Screen overview
&&TODO&&
Custon attributes
Basics
On the network group tab, you can view all the network attributes. It is allowed to add new networks, update or delete existing networks.
- Name: short name that identifies the network.
- Description: network description.
- IP Address: IP range of this network.
- IP Address mask: IP mask of this network.
- Internal network: activate this check box to indicate if this network is fully managed or not. What fully managed means changes on each organization. It use to means corporate office versus branch office. It affects mainly to access menu tree. Application entry points have different scripts or URLs for internal and external networks.
- Support DHCP: if enabled, hosts belonging to this network will be automatically registered.
- DHCP attributes: allows to enter additional parameters that DHCP server will use to assemble DHCP response. Usually it will have a gw=0.1.2.34 like parameter. It is only needed when a DCHP connector is configured.
- Used IPs: IP addresses used. This data is auto calculated
Access control
In order to delegate the management of IP addresses in this network range, Access Control List allows to select which users, groups or roles will be allowed to manage it.
- Restrict ESSO login: allows to restrict the access to the workstations of this network, otherwise, any Soffid user can log in.
Each Access Control List Entry has the following attributes:
- Access level: four levels are defined:
-
Without access: denies everything.
-
Query: allows to know about hosts on this network.
-
Support: allows to know about hosts on this network, and allows to manage the workstations on it. This option is fully tied to Single Sign On module.
-
Administration: allows to create, modify or remove hosts on this network.
-
- Mask: specifies a pattern that will be check against the host name in order to apply this authorization level.
-
Identity: specifies a user, group or role name.
- Description.
To add a new access control you can click the button with the add symbol (+), you have to select the grantee type (user, group or role), then you have to choose an user, group or role depending on the grantee selected, and finally set the acces level and the mask and apply the changes.
If you want to delete access controls, you must select one or more records from the list and clicking the button with the subtraction symbol (-).
Actions
Networks query
Query |
Allows to query networks through different search systems, Quick, Basic and Advanced. |
Add or remove columns |
Allows to show and hide columns in the table. |
Add new |
Allows to create a new network. |
Delete |
Allows to delete oner or more networks. |
Import |
Allows to upload a csv file to add, update or delete networks. |
Download CSV file |
Allows to download a csv file with the networks information. |
Networks detail
Apply changes |
Allows to create a network or to update an exist network. |
Undo |
Allows to quit without applying any changes. |
Access control
Add new |
Allows to create a new access control. |
Delete |
Allows to delete one or more access controls. |
Import |
Allows to upload a csv file to add, update or delete access controls. |
Download CSV file |
Allows to download a csv file with the basic access controls data. |
Restrict ESSO login |
Allows to restrict the access to the workstations of this network. |