Add and configure a zone

If you want to add a zone rule to the zone, you need to create and save a query from the Assets > Devices screen. The list of devices in the results of the saved query indicates the devices that will be automatically added to the zone.
  1. In the management console, on the menu bar, click Zones.
  2. Click Add New Zone.
  3. In the Zone Name field, type a name for the zone.
  4. In the Policy drop-down list, click a device policy to associate with the zone.
  5. In the Value field, click the appropriate priority level for the zone. This setting has no impact on managing zones or devices.
  6. Click Save.
  7. In the zones list, click the name of the zone that you created.
  8. Do any of the following:
    Task Steps

    Add a zone rule to automatically add devices.

    You need a saved query to add a zone rule.

    1. Click Create Rule.
    2. Select a saved query. The query can contain any of the following fields only; if a query contains a field that is not in this list, you cannot use it:
      • Device name
      • DNS name
      • IP addresses
      • MAC addresses
      • OS version
      • OS build/kernel version
      • Distinguished Name
      • Member of (LDAP)
    3. If you want to automatically apply the device policy that's associated with the zone, select Apply zone policy to devices when they are added to the zone. This option is not available if the associated device policy is set to None.
    4. If you want to automatically remove devices that do not match the criteria of the zone rule from the zone, select Remove devices automatically from this zone. This only affects devices that follow the zone rules. If you don't want to associate and apply a device policy to devices in this zone, select None.
    5. Click Save.

    Manually add devices to the zone.

    When you manually add a device to a zone, the device ignores the zone rules by default. A device that ignores the zone rules will remain in the zone even when it doesn't match the zone rule criteria.

    1. On the Devices tab, click Add Device to Zone.
    2. Select the devices that you want to add. You can apply filters to find devices.
    3. If you want to apply the zone device policy to those devices, select the Apply zone policy to selected devices check box.
    4. Click Save.

    Apply the zone device policy to all the users in the zone.

    This action replaces any device policies that are currently assigned to devices with the device policy that is currently assigned to the zone. If you choose None for the associated policy, the option to automatically assign a policy will no longer be available. You also cannot apply a policy to all devices as the option will not be available.

    1. Select the Apply to all devices in this zone check box.
    2. Click Save.

    Set a device to follow or ignore a zone rule.

    In the list of devices in a zone, devices that follow that zone rule can be identified from the Zone Rule column. Devices that follow the zone rules are subject to automatic removal from the zone. Devices that ignore the zone rules will remain in the zone (unless you remove them manually).

    1. On the Devices tab, select one or more devices.
    2. Click Follow Zone Rule or Ignore Zone Rule.
    3. Click Yes.

    Copy devices to another zone.
    1. On the Devices tab, select one or more devices.
    2. Click Copy Device.
    3. Select one or more zones.
    4. Click Save.

    Remove devices from the zone.
    1. On the Devices tab, select one or more devices.
    2. Click Remove Device from Zone.
    3. Click Yes.