Part 2: Organizing your Tags Hierarchically
This is part 2 of a multi-part tutorial introducing QualysGuard Asset Management and Dynamic Tagging. In these tutorials we will guide you through the activation and setup of the new tagging features, and demonstrate some best practices to get the most value out of these powerful features.
As we mentioned in part 1, the Asset Groups and Business Units are automatically imported into the Asset Management module. They can be seen in the asset tags tree. To begin with, they are imported as a simple, flat, list.
Clicking on asset groups will expand the tags beneath. The names of the tags for your business units and asset groups are kept in sync with the names they are given in the VM Module in QualysGuard.
In this example, the person who configured the asset groups within the Vulnerability Management module has been very diligent in the naming convention. Geographies, for example, have the following naming convention:
Global - All Geographies
North America (NA) - Country
California (NA-CA) - Country & State
Sales Office (NA-CA-Sales) - Country/State and Site
However, these relationships within the asset group system have to be manually maintained. For example, if an IP changes within an individual site, each layer above has to be manually updated to include that IP, one by one. This is a very manual, time-consuming process, and is prone to errors.
Right now the tags in the Asset Management module are flat (no hierarchy) and unassociated. Lets change that. By giving the tags a hierarchial association, we can vastly simplify scanning, reporting, and searching for assets with these logical hierarchial relationships.
Example - Nested Geographies
To create a hierarchy within the geography tags, it's a simple case of drag and drop.
It’s important to note that the drag and drop fucntionality is only available in the asset tags tree here in the Asset List view, and not within the Tag List view in the Tags tab.
Lets start by putting all the sites within California under the California Tag. To begin, first place your mouse on the NA-CA-SF-Dev Tag:
Click and hold your mouse and move the mouse slightly, dragging the tag from the tree. You will see a replica of the tag appear with a symbol (a red stop sign) which indicates the tag is being dragged, but is not in a place where you can drop it.
While holding the mouse down, drag the tag over the NA-CA-SF tag. Notice the icon changed to a green "plus" sign. This means you can drop the tag here to associate it as a child of the NA-CA-SF tag.
Now release the mouse button and see that NA-CA-SF-Dev tag has become a child of the NA-CA-SF tag. From now on, any scans, reports, or searches for the NA-CA-SF tag, will also return all assets with the NA-CA-SF-Dev tag.
Continue the organizational process, dragging and dropping each tag onto its logical parent, until the location structure is completed for the geographies. You will notice how each tag appears under the parent tag now, in small little tree. The trees of tags can be as deep as you need them to be - there is no limit.
Adding Some Color
The visual representation of tags throughout the application includes a "color", and is a very useful way to show the different classes of tags in a glance. Of course there many ways to select a color scheme and the following is just an example of coloring by depth.
North America (NA) - Country - RED
California (NA-CA) - Country & State - ORANGE
Sales Office (NA-CA-Sales) - Country/State and Site - GREEN
Right-click on a tag, and select the Tag Color sub-menu. Choose any color, for this example, we'll choose red. Repeat the process with the different colors for different tags. When complete, you will see your geography tags now colored by depth. There are other ways to edit the color of a tag, but we will cover those in later posts.
Using colors is a great way to help distiguish different types or different depths of tags quickly. These colors will appear on the tags anywhere in the application they are displayed: on assets, reports, selection boxes, and trees.
In this posting (Part 2) we have arranged all the imported tags in a nested tree-like structure which gives a hierarchy to the tags. Now we have a tag tree that far better represents the business, geography and technical organization. By adding color to the tags we can see a visual relationship very quickly.
By nesting the tags in this way, we have made the scan-, teport-, and search-by-tag very powerful - they will always include all assets with any of their child tags, without the need to manually update the IP lists on the parent tags. For example if you run a scan of the whole "US" geography tag, it is now certain to include all the associated US geographies (sites, offices, etc) under the "US" geography site tag. If you run a report against all Windows operating systems, then it will include all variants as long as the tree structure has been set to have the variants nested under the "Windows" tag.
You can create any kinds of hierarchies that you want - and you can create as MANY as you want - so you can organize your assets in several ways simultaneously. Assets can have as many tags as you desire - so feel free to create several trees and apply several tags to every asset to organize in new ways.
These tags are just the tags imported from your existing asset groups and business units. But you can create many more, both static and dynamic. So now it’s time to take the next step and create some of our own tags. Go to part 3 where we will guide you through the creation of your own tags.