Skip to main content

Networks

Description

Operator can define the subnets that compose the internal network, in order to manage the IP address space. The main goal is to manage a limited resource as IP address is.

Soffid supports both static and dynamic IP assignment. Anyway, static IP management does not exclude the use of DHCP o BOOTP protocols in order to get them.

Search Types

You can search for groups created in the system by applying different ways of searching: 

Quick

This option allows quick search by fields that have been defined in the application metadata.

Basic

This is the default option. It provides some default search criteria, but other criteria can be added from the add criteria option. 

Each search criterion will have different search forms depending on the type of data in the particular field. For example, a text field provide four different options to search, "Contains", "Start with", "End with" and "Equals", a date field provide the date "Since" and date "Until".

Each criterion will be added to the previous ones.

Advanced

This option allows an advanced search system using the SCIM standard

You can access to SCIM Chapter for more information

Screen overview

&&TODO&&

Custon attributes

Basics

On the network group tab, you can view all the network attributes. It is allowed to add new networks,  update or delete existing networks.

  • Name: short name that identifies the network.
  • Description: network description.
  • IP Address: IP range of this network.
  • IP Address mask: IP mask of this network.
  • Internal network: activate this check box to indicate if this network is fully managed or not. What fully managed means changes on each organization. It use to means corporate office versus branch office. It affects mainly to access menu tree. Application entry points have different scripts or URLs for internal and external networks.
  • Support DHCP: if enabled, hosts belonging to this network will be automatically registered.
  • DHCP attributes: allows to enter additional parameters that DHCP server will use to assemble DHCP response. Usually it will have a gw=0.1.2.34 like parameter. It is only needed when a DCHP connector is configured.
  • Used IPs: IP addresses used. This data is auto calculated

Access control

In order to delegate the management of IP addresses in this network range, Access Control List allows to select which users, groups or roles will be allowed to manage it.

  • Restrict ESSO login: allows to restrict the access to the workstations of this network, otherwise, any Soffid user can log in.

Each Access Control List Entry has the following attributes:

  • Access level: four levels are defined:
    • Without access: denies everything.

    • Query: allows to know about hosts on this network.

    • Support: allows to know about hosts on this network, and allows to manage the workstations on it. This option is fully tied to Single Sign On module.

    • Administration: allows to create, modify or remove hosts on this network.

  • Mask: specifies a pattern that will be check against the host name in order to apply this authorization level.
  • Identity: specifies a user, group or role name.

  • Description.

To add a new access control you can click the button with the add symbol (+), you have to select the grantee type (user, group or role), then you have to choose an user, group or role depending on the grantee selected, and finally set the acces level and the mask and apply the changes.

If you want to delete access controls,  you must select one or more records from the list and clicking the button with the subtraction symbol (-). 

Actions

Networks query

Query Allows to query networks through different search systems, Quick, Basic and Advanced.
Add or remove columns Allows to show and hide columns in the table.
Add new Allows to create a new network.
Delete Allows to delete oner or more networks.
Import Allows to upload a csv file to add, update or delete networks.
Download CSV file Allows to download a csv file with the networks information.

Networks detail

Apply changes Allows to create a network or to update an exist network.
UndoAllows to quit without applying any changes.
Access control
Add new Allows to create a new access control.
Delete Allows to delete one or more access controls.
Import Allows to upload a csv file to add, update or delete access controls.
Download CSV file Allows to download a csv file with the basic access controls data.
Restrict ESSO login Allows to restrict the access to the workstations of this network.