Long Arrow Right External Link angle-right Search Times Spinner angle-left

Creating Tags

The use of Tags requires Agent version 6.0 or greater

Tags are a collection of items that can be applied to Network policies with Ringfencing. They can contain strings, with or without wildcards, IPv4 addresses or IPv6 addresses. Tags are very efficient to manage and any changes made to the tag are automatically applied to the endpoints. The same tag can be easily applied to multiple policies. 

Creating Tags

To create a tag, navigate to 'Application Control'. Then select the 'Tags' tab to open the tag window. 

undefined

Next select 'New Tag' and that will open the 'Manage Tag Items' window. Type a name for the tag and click 'Save'. Now you can add items to the tag.

undefined

undefined

Adding Items to a Tag

Adding a text string to a tag

Choose 'text' from the 'Value' dropdown menu and then type in the text you wish to include in the tag. You can use wildcards in the text string. 

undefined

Next you will click 'Add' which will add that text string to the tag. 

undefined

Adding a single IPv4 address to a tag

Choose 'IPv4' from the 'Value' dropdown menu and then type the address you want to include in the tag.  

undefined

Then click 'Add' and that address will be applied to the tag.

undefined

Adding an entire subnet of IPv4 addresses to a tag

Choose 'IPv4' from the 'Value' dropdown menu and then type the address of the subnet you want to include in the tag using CIDR notation. 

undefined

Once you click 'Add' that entire subnet of addresses is added to the tag.

undefined

Choose 'IPv6' from the 'Value' dropdown menu and then type the address you want to include in the tag.  

undefined

Then click 'Add' and that address will be applied to the tag.

undefined

*It is important to note that you can not specify a port number with a tag.*

Deleting items from a tag

Navigate to 'Application Control', 'Tags', and click the pencil icon next to the tag you wish to edit to open the 'Manage Tag Items' window. Click the 'Delete' button next to the corresponding item you wish to remove from the tag.

Updating the name of the tag

If you would like to change the name of your tag, type the changes into the text box and then click the 'Update' button.

undefined

Adding a tag to a policy

In the ThreatLocker Portal, navigate to 'Application Control' and then 'Policies'. Select the Network policy you want to add the tag to. 

undefined

This example shows the tag 'ThreatLocker\Microsoft 365 (Built-in)' is being permitted on any port.

undefined

You can add multiple tags from this same window. Once you have added tags, you need to click 'Deploy Policies' to apply the updated policy to the end users. 

Adding tags through the Unified Audit

In the ThreatLocker Portal, navigate to 'Unified Audit'. Select Ringfenced in the 'Action' dropdown menu and click 'Search' to see all Ringfenced items. You can then choose the item, and click 'Add to Tag' to open the 'Manage Tag Items' window. 

undefined

Then choose the tag name you want to add to and ThreatLocker will have pre-populated the information into the textbox for you. If a port number was populated, please delete it before clicking 'Add' to add the item to the tag. Remember, changes to tags are automatically applied to endpoints.

undefined

Removing tags from a policy

In the ThreatLocker Portal, navigate to 'Application Control' and then 'Policies'. Select the Network policy you want to remove the tag from. Under the 'Internet' tab, select the tag you want to remove from the 'Server' dropdown menu. Click the trash can icon to remove the tag from the policy. Click 'Deploy Policies' to apply the updated policy to the end users. 

undefined

Viewing tags

Tags are easily identified within a policy by their highlighted tag-like appearance. In the example below, 'ThreatLocker\Microsoft 356 (Built-In)' is a tag, and '10.0.0.1' is not.

undefined