Raritan Computer CC-SG User Manual

94 C

OMMAND

C

ENTER

S

ECURE

G

ATEWAY

A

DMINISTRATOR

G

UIDE

4. If you want to add another rule, click Add New Row again, and make the necessary

configurations. Configuring multiple rules will allow more precise descriptions by providing
multiple criteria for evaluating nodes.

5. If you want to remove a rule, highlight the rule in the table, and then click Remove Row.
6. The table of rules only makes available criteria for evaluating nodes. To write a description

for the node group, add the rules by Rule Name to the Short Expression field. If the
description only requires a single rule, then simply type that rule’s name in the field. If
multiple rules are being evaluated, type the rules into the field using a set of logical operators
to describe the rules in relation to each other:
• & - the AND operator. A node must satisfy rules on both sides of this operator for the

description (or that section of a description) to be evaluated as true.

• | - the OR operator. A node only needs to satisfy one rule on either side of this operator

for the description (or that section of a description) to be evaluated as true.

• ( and ) – grouping operators. This breaks the description into a subsection contained

within the parentheses. The section within the parentheses is evaluated first before the
rest of the description is compared to the node. Parenthetical groups can be nested inside
another parenthetical group.

For example: If you simply want to describe nodes that belong to the engineering department,
create a rule that says Department = Engineering, this will become Rule0. Then
simply type Rule0 in the Short Expression field.

Another example: If you want to describe a group of nodes that belong to the engineering
department, OR are located in Philadelphia, and specify that all of the machines must have 1
GB of memory you need to start by creating three rules. Department = Engineering
(Rule0) Location = Philadelphia (Rule1) Memory = 1GB (Rule2).These rules
need to be arranged in relation to each other. Since the node can either belong to the
engineering department or be located in Philadelphia, use the OR operator, |, to join the two:
Rule0|Rule1

. We will make this comparison first by enclosing it parentheses:

(Rule0|Rule1)

. Finally, since the nodes must both satisfy this comparison AND contain

1GB of memory, we use the AND connector, &, to join this section with Rule2:
(Rule0|Rule1)&Rule2

. Type this final expression in the Short Expression field.

7. Click Validate when a description has been written in the Short Expression field. If the

description is formed incorrectly, you will receive a warning. If the description is formed
correctly, a normalized form of the expression will appear in the Normalized Expression
field.

8. Click View Nodes to see what nodes satisfy this expression. A Nodes in Node Group

window will appear displaying the nodes that will be grouped by the current expression. This
can be used to check if the description was correctly written. If not, you can return to the
rules table or the Short Expression field to make adjustments.

9. If you know you want to create a policy that allows access to the nodes in this group at any

time, check Create Full Access Policy For This Group.

10. When you are done describing the nodes that belong in this group, click Add to create the

node group. The group will be added to the list of Node Groups on the left.