-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
Group Assignment with Capture Client
05/22/2024 
7 People found this article helpful
481,268 Views
Description
This article talks about how a group gets assigned to a device where the capture client is installed.
Resolution
Devices are only assigned to groups the first time the client registers to the console. Group assignment is not updated after the client has registered. This was a design choice to better control the group assignment process. Therefore, even if group rules (or device info) are changed, the device will stay in the groups it was initially put in.
Explaning it with an Example:-
I have 2 rule as below:-
1) Group-Name:- Group1-skesarwa
Rule:- Device ID doesn't match ([A-Z,0-9]+\-[A-Z,0-9]+\-[A-Z,0-9]+\-[A-Z,0-9]+\-[A-Z,0-9]+)
Policy Name :- skesarwa-test1-policy
2) Group-Name:- Group2-skesarwa
Rule:- Processor Type matches x86_64
Policy Name :- skesarwa-test2-policy
Under Security Policies:- Capture Client: Policy Priority is as below:-
1)skesarwa-test1-policy
2)skesarwa-test2-policy
Device IDs tested:
D11D4BD1-2CB1-98C2-E3CB-DE0549608644 || {D11D4BD1-2CB1-98C2-E3CB-DE0549608644}
Result of /client/getPolicy:
{
"policyId": "4bb31d6d-ba7b-4133-83fd-fa929ac3e4e3",
"enforced": true,
"priority": 6000,
"enforcedFWs": [],
"agentPolicies": [],
"_id": "5ad4e483219eed4a82fda1fc",
"releaseGuid": "03466007-58b4-463f-a68d-c3d73e6f89b8",
"isUserValidated": true,
"policyName": "skesarwa-test2-policy",
"policyTs": 1523901571,
"tenant": "5ab95c25d6a12b762756fd08",
"__v": 0,
"policyVersion": "2",
"uninstallPwd": "47590f541eda7600b7c5494cf52b06f55ef1642449ff785db3d16dbc51780e35",
"expiration": 9007199254740991,
"policyCode": "088800",
"policyErrString": "",
"vendor": ""
}
The device is assigned to Group2 but not Group1 and the policy applied is skesarwa-test2-policy for an example above.
The policy applied to the end device is the policy with the highest priority among all policies that are applicable for this user on this device.
skesarwa-test1-policy has higher priority than skesarwa-test2-policy. skesarwa-test1-policy is assigned to Group1 and skesarwa-test2-policy is assigned to Group2
A) If the user belongs to both Group1 and Group2, then skesarwa-test1-policy and skesarwa-test2-policy are both eligible (and so is the default policy, which is always enforced). skesarwa-test1-policy has higher priority than skesarwa-test2-policy, so skesarwa-test1-policy will be enforced.
B) If the user belongs only to Group2, then the only eligible policy is skesarwa-test2-policy (and the default policy). So the policy with highest priority is skesarwa-test2-policy, and this is the policy that will be enforced.
Related Articles
- How to Decommission and Remove Devices in Capture Client Console
- SonicWall Capture Client and Jamf Pro
- Capture Client – Pre-requisites for Windows
YES
NO