Tags are collections of items that can be applied to Network Control policies and Application Control policies with Network Ringfencing. They can contain strings, with or without wildcards, IPv4 addresses or IPv6 addresses. Tags allow for efficient, centralized management of allowed network domains and IP addresses. The same tag can be easily applied to multiple policies.
Creating Tags within the ThreatLocker Portal
To create a tag, navigate to either 'Application Control' or 'Network Control' within the 'Modules'. dropdown on the navigational menu. Then, select the 'Tags' tab towards the top right to open the Tags page.
Next select the '+ New Tag' button and that will open the 'Create New Tag' panel. Type a name for the tag and add any domains or IP addresses which you would like to use. Click '+ Create Tag' to save and create this new tag.
Adding Items to an Existing Tag
Adding a Domain to a Tag
Click on a tag's name to edit the contents. Select 'Text' next to the text field and type in the domain you wish to include in the tag. You can use wildcards in the domain. Press the 'Save' button to commit these new changes.
Adding IPv4 Addresses to a Tag
Select 'IPv4' in the dropdown next to the text field and type the address or subnets you want to include in the tag. Single addresses and CIDR notation subnets are both acceptable formats.
Adding an IPv6 Address to a Tag
Select 'IPv6' in the dropdown next to the text field and type the address you want to include in the tag. Both full-length and shortened IPv6 address formats are acceptable.
Deleting an Item from a Tag
Select the trash can next to any tag item to delete it. These changes are not saved until you click 'Save' at the bottom of the 'Update Existing Tag' panel.
Updating the Name of a Tag
If you would like to change the name of your tag, type the changes into the 'Tag Name' text box and click the 'Save' button. These changes are not saved until you use the 'Update Tag' button.
Adding a Tag to a Policy
Within the Modules dropdown, navigate to 'Application Control' and 'Policies'. Select the Ringfenced policy you want to add the tag to.
Under the Internet Ringfencing section, you may specify tags using the dropdown if 'Allow Selected' is clicked to enable Internet Ringfencing. Choose the tag you want to add from the 'Server' dropdown menu. Built-in tags and tags from your parent account will be available in this dropdown menu.
You can add multiple tags from this same window. Once you have added tags, you click 'Update Policy' button. Remember to click the 'Deploy Policies' button to apply the updated policy to the end users.
Adding to Tags Through the Unified Audit
In the ThreatLocker Portal, navigate to 'Unified Audit'. In the 'Policy Action' dropdown menu, select Ringfenced and click 'Search' to see all Ringfenced items. You can then choose the item and click 'Add to Tag' from the side panel that will appear.
Select 'Add To Tag' then searching for the tag you wish to edit will open the 'Update Existing Tag' side panel.
Clicking the tag will open the 'Update Existing Tag' side panel with the Ringfenced address prefilled. The value will be automatically populated from the Unified Audite. Click the add icon to add the exclusion to the tag and 'Save' to commit this change.
Removing Tags from a Policy
Within Modules, navigate to 'Application Control' and then 'Policies'. Select the Ringfenced policy you want to remove the tag from.
Within the Internet Ringfencing section, find the tag and click the red circled - icon to remove the tag from the policy. Save this change with the 'Save' button, then deploy policies.