Manage zones

You can use zones to group and manage Aurora Protect Desktop devices and Aurora Focus devices. You can group devices based on geography (for example, Asia and Europe), function (for example, Sales and IT staff), or by any criteria that your organization requires.

You can assign a device policy to a zone and apply that device policy to the Aurora Protect Desktop and Aurora Focus devices that belong to that zone. You can also add a zone rule that can assign devices to a zone based on selected criteria, like domain name, IP address range, or operating system. A zone rule will add new devices to the zone if the device meets the rule requirements.

  1. In the management console, on the menu bar, click Zones. Do any of the following:
    • To sort zones in ascending or descending order by a column, click the name of the column.
    • To filter the zones, click Filter icon on a column and type or select the filter criteria.
  2. Do any of the following:

    Task

    Steps

    View the details for a zone.

    Click a zone name.

    Add a new zone.
    1. Click Add New Zone.
    2. In the Zone Name field, type a name for the zone.
    3. In the Policy drop-down list, click a device policy to associate with the zone.
    4. In the Value field, select the priority level that you want to automatically set for threats found on devices in the zone. For example, you can set the Value field to High in this zone, so that all threats found on devices in this zone will have their Priority field set to High. If a device is in more than one zone, the higher priority value is set.

      The priority level for threats are found on the Protection > Threats page. This setting has no impact on managing Alerts, Zones, Policies or Devices from the respective pages.

    5. Click Save.

    Remove a zone.
    1. Select one or more zones.
    2. Click Remove.
    3. Click Yes.

    Create a zone rule.

    You need to perform and save a device query, then use the saved query to create a zone rule, which automatically adds devices to the zone. The list of devices in the results of the saved query indicates the devices that are automatically added to the zone. For information about saving queries, see Manage Aurora Protect Desktop and Aurora Focus devices.

    When viewing the details of a zone:

    1. Click Create Rule.
    2. Select a saved query. The query can contain any of these fields only; if a query contains a field that is not in this list, you cannot use it:
      • Device name
      • DNS name
      • IP addresses
      • MAC addresses
      • OS version
      • OS build/kernel version
      • Distinguished Name
      • Member of (LDAP)
    3. If you want to automatically apply the device policy that's associated with the zone, select Apply zone policy to devices when they are added to the zone. This option is not available if the associated device policy is set to None.
    4. If you want to automatically remove devices that do not match the criteria of the zone rule from the zone, select Remove devices automatically from this zone. This only affects devices that follow the zone rules. If you don't want to associate and apply a device policy to devices in this zone, select None.
    5. Click Save.

    Add devices to a zone.

    The maximum number of zones a device can belong to is 75. If a device is a member of more than 75 zones, there may be unexpected results with the policy and agent assignment or an error message indicating "Failed to add selected Devices to selected Zones."

    1. Click a zone name.
    2. On the Devices tab, click Add Device to Zone.
    3. Select the devices that you want to add.
    4. If you want to apply the zone device policy to those devices, select the Apply zone policy to selected devices check box.
    5. Click Save.

    Apply the zone device policy to all users in a zone.

    This action replaces any device policies that are currently assigned to devices with the device policy that is currently assigned to the zone.

    1. Click a zone name.
    2. Select the Apply to all devices in this zone check box.
    3. Click Save.

    Copy devices to another zone.
    1. Click a zone name.
    2. On the Devices tab, select one or more devices.
    3. Click Copy Device.
    4. Select one or more zones.
    5. Click Save.

    Remove devices from a zone.
    1. Click a zone name.
    2. On the Devices tab, select one or more devices.
    3. Click Remove Device from Zone.
    4. Click Yes.

    Use zones to manage agent updates.

    You can create zone-based update rules to update the Aurora Protect Desktop and Aurora Focus agents on devices. For more information, see the Setup content.