Axis Security highly recommends using application tags to group users, group applications by use case, or map applications. Application tags are a powerful feature that provides the following key benefits:
- Better security management: Adds or removes applications from one application tag instead of several policy rules.
- Better rule management: Destinations are changed elsewhere with no need to edit the policy rule.
Axis Security recommends using application tags to group users, group applications by use case, or map applications. This way, administrators can create policies for tags instead of apps. This typically means fewer policy rules and is easier to manage at scale. In addition, when an administrator adds a new application if there is an application tag in a policy rule the application is added automatically to all the rules whose destinations include the tag.
Policy rules contain destinations (applications). When administrators add applications to a rule, they must manually enter the application in the rule form, unless they use application tags. Ideally, applications are tagged. Then, instead of adding individual applications as destinations to a rule, administrators can just add the tags. Later, when the administrator edits the tag to add or remove applications, there is no need to alter the policy rule directly.
Within the Axis configuration, a policy binds several important elements together:
- context and destinations (applications and tags)
Axis recommends leveraging application tags instead of modifying the application list in a rule directly whenever possible. The advantage from a security and operations perspective is that accidental errors at the global policy level are minimized and configuration adjustments are more efficient.
- In the Management Console, click Settings -> Applications
- Click Tags
- Click New Tag
- Enter a name.
- Select the relevant applications from the drop-down menu.
- Click Submit.
Click Apply Changes in the top menu bar.
Updated almost 2 years ago