Documentation Nexus IQ Server 1.18


8.3. Tags

In any given business, you could have hundreds, maybe even thousands of applications. Even if you are just getting started, it’s likely you have a handful of applications. However, as unique as applications can be, they tend to share some similarities.

For example, you might have applications that process or store sensitive information, maybe even personally identifiable information for your users. Since attacks are often aimed at these types of applications, you will definitely want to make sure your policies that identify high and critical threat security vulnerabilities are included during the evaluation of these types of applications.

Unfortunately, especially as the number of applications in your business increases, identifying an application by name may not be helpful. To address this, tags provide a way to quickly identify characteristics of an application.

Using specific text and color, tags can help group particular applications with similar attributes. While the tag can ultimately be anything you want, and attached to any application, you will want to take a much more thought-out approach, similar to what is recommended for labels.

As we will see later, in order to maximize the benefits tags can offer, you will want to take advantage of tag matching between policies and applications. For now though, let’s see how to create, apply, and delete tags.


Figure 8.8. Example of Applied Tags


8.3.1. Creating, Editing, and Deleting Tags

Tags are created, edited, and deleted at the organization level and then applied individually to each application. There are two key ways to create a tag, both of which are available only at the organization level.

To create a tag:

  1. Click the Manage Applications and Organizations icon on the IQ Server toolbar.
  2. In the sidebar, select an organization.
  3. In the Manage Applications and Organizations area, click Tags.
  4. Click the New Tag button.


    Figure 8.9. Using New Tag Button


  5. Set the following attributes of a tag:

    1. Tag Name - When creating your tag, keep in mind that the tag describes characteristics of an application, and will be used to match an application to corresponding policies. The name should be easily identified by the user.
    2. Description - The tag description is displayed when a user hovers the mouse over the tag. This can offer additional information, such as the types of policies that will be matched to applications that have applied the tag.
    3. Color - The choice of color is left to your organization. The default is white.
  6. Click the Save button.


    Figure 8.10. Creating a Tag


If you made a mistake and want to edit the tag, simply click on the tag body (anything but the x), and you can edit the tag information. However, if you want to permanently delete the tag, click on the x.


Figure 8.11. Example of Tags with Description


[Note]

Deleting a tag requires confirmation, since the action cannot be undone. If the tag is currently applied to an application, you will be shown the names of all applications that would be affected before you confirm the deletion. You will not be able to delete a tag that has already been related to a policy, and will be shown the names of any related policies if you try. Should you still wish to delete the tag, you will have to disassociate it from any related policies first.

8.3.2. Applying a Tag

In most cases, the people applying tags may be different from those creating them. It is important though to understand that while tags are provided to identify characteristics of an application, a more important usage is to provide a way for policy managers to create specific policies that consider those application characteristics. For this reason, when applying a tag, your application may be evaluated by a specific set of policies. This is a good thing, but it also makes the application of tags an act that requires careful consideration. To apply a tag to an application, follow the instructions below.

  1. First, log in to the IQ Server using a user account with at least Owner-level permissions for the application (a member of the Owner Group).
  2. Next, click on the Application link, and then click on the application you want to apply the tag to. The Application Management area will be displayed.
  3. Now, click on the Tags tab. There are two columns, one for available tags and one for tags that have already been applied. Simply click on a tag to move it from one column to the other. If there are a lot of tags and you are having trouble locating a specific one, type the name of the tag you would like to use into the filter.
[Tip]

Mouse over a tag to see the full description.

8.3.3. Matching Policies to Specific Applications

By now, you have likely created tags, and perhaps even applied some to your applications. Those are great features, but the real power of tags comes when we match a policy to a specific set of applications.

Up to this point (before tags), an organization-level policy would apply to all applications. To address this, you could create a new organization, or develop specific policies for each application, but in both cases, that results in a lot of micromanagement. In contrast, tags provide an opportunity to create a policy and then pick unique groups of applications (based on their applied tags) the policy should be evaluated against.

Given this, it is important to think about the applications your business develops, as well as the types of policies you will use to evaluate your applications. Elements like the type of data, the exposure (public or private), as well as whether or not the application interfaces with the Internet, are a great place to start.

When you create your tags, make sure their meaning is clear to the users who will be applying them. In other words, it shouldn’t be ambiguous as to the type of applications the tags represent. For example, instead of creating the tag External, a more descriptive tag would be Distributed. Some additional tag suggestions might be:

  • Sensitive Information
  • Personal Information

These are just suggestions of course, but you should get the key point. When adding a tag to an application, you can expect policies that have identified the same tag to be evaluated against your application.

That’s quite a bit of discussion on the theory and proper way to utilize tags. Now let’s take a look at how to make the match happen.

To select the tag a policy will be evaluated against:

  1. Create a new policy, or edit an existing one.
  2. In the Application Tags area of the policy editor, choose the tags that represent the applications you want to evaluate the policy against. By default, no tags will be selected. This means the policy will apply to all applications regardless of their tags.
  3. Finish creating or editing your policy and click the Save button. From this point forward, the policy will be evaluated against applications based on the tags you selected. In addition, applications will only see the policies they are evaluated against.

8.3.4. Viewing Tag-based Policies

Policies that have been set to match applications with specific tags are visible in the same area as all other policies. However, there is a slight difference between what is displayed at the organization level and the application level.

At the organization level
    All policies for the organization will be displayed. Policies that have selected specific applications, based on matching tags applied to those applications, will be indicated by a special icon.

At the application level
    Only the policies that an application is evaluated against will be displayed in the Policy tab. This includes:

  • Policies created at the organization level, and set to match all applications.
  • Policies created at the organization level, and set to match specific tags currently applied to the application.
  • Policies created at the application level.
[Tip]

When viewing policies at the application level, be sure to look for the special tag icon, which indicates the application is evaluated against the policy given a tag (or tags) applied to the application.
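
The matching rules from sections 8.3.3 and 8.3.4, together with the deletion rule in the Note in 8.3.1, can be modelled in a few lines. This is an added example, not IQ Server code or its API: the class and function names, the sample organization, applications and policies are all hypothetical, and it assumes a policy with several tags matches an application that carries at least one of them.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Policy:
    name: str
    level: str                     # "organization" or "application"
    owner: str                     # name of the organization or application
    tags: frozenset = frozenset()  # empty means "all applications"

@dataclass
class Application:
    name: str
    organization: str
    tags: set = field(default_factory=set)

def effective_policies(app, policies):
    """Names of the policies an application is evaluated against (section 8.3.4)."""
    names = []
    for p in policies:
        if p.level == "application":
            applies = p.owner == app.name
        else:
            # Assumption: a tagged policy matches on at least one shared tag.
            applies = p.owner == app.organization and (not p.tags or bool(p.tags & app.tags))
        if applies:
            names.append(p.name)
    return names

def deletion_check(tag, apps, policies):
    """Model of the Note in 8.3.1: policy relations block deletion, applied tags only warn."""
    related = [p.name for p in policies if tag in p.tags]
    affected = [a.name for a in apps if tag in a.tags]
    return {"allowed": not related, "related_policies": related, "affected_applications": affected}

# Constructed sample data; organization, application and policy names are hypothetical.
POLICIES = [
    Policy("Security-High", "organization", "Acme"),
    Policy("Sensitive-Data-Critical", "organization", "Acme",
           frozenset({"Sensitive Information", "Personal Information"})),
    Policy("Distributed-License", "organization", "Acme", frozenset({"Distributed"})),
    Policy("Payments-Local", "application", "payments-api"),
]
APPS = [
    Application("payments-api", "Acme", {"Sensitive Information"}),
    Application("mobile-client", "Acme", {"Distributed"}),
    Application("internal-wiki", "Acme"),  # untagged: only untagged policies apply
]

if __name__ == "__main__":
    for app in APPS:
        print(app.name, "->", effective_policies(app, POLICIES))
    print(deletion_check("Distributed", APPS, POLICIES))
```

The untagged application in the sample is evaluated only against the policy with no tags selected, which is why leaving a tag off an application that handles sensitive data removes it from the stricter tag-matched policies.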