Tag Management in Netmaker enables administrators to organize and manage devices within a network by applying tags. Tags simplify the process of grouping, categorizing, and managing nodes, making network management more efficient and scalable.

What is Tag ManagementCopied!

Tags are labels that can be assigned to devices in a network. Instead of managing nodes individually, you can group them by assigning tags that reflect their roles, environments, or other relevant attributes. This categorization helps streamline administrative tasks, such as access control, resource allocation, and policy enforcement.

With Netmaker's Tag Management, administrators gain the ability to easily group and manage devices, improving both security and operational efficiency.

Key Features of Tag ManagementCopied!

• Tagging devices: Administrators can assign tags to devices either manually or automatically.

• Peer Auto-grouping: Devices can be automatically grouped based on the enrollment key used when they join the network.

• Efficient Management: Grouping devices by tags makes it much easier to apply policies, manage resources, or enforce network segmentation based on categories.

PRO Feature: Tag management is available as part of the Netmaker PRO offering, enabling advanced network management capabilities.

How to Use Tag ManagementCopied!

Administrators can tag devices either during or after their enrollment into the network.

Tagging Devices from the Node Interface:

• Since v0.90.0, administrators can now tag devices directly from the node interface. Simply navigate to the node interface, select the device you wish to tag, and click Update tags.

  

• Assign the appropriate tag from the available options.

  

  Manually Grouping Devices:

  1. Admins also have the option to manually group devices by going to the Tag Manager interface and adding one or more tags.

     

  1. Select the device(s) you want to assign to a specific tag or group. Since version 0.90.0, admins also have the option to select a color for the tag, providing a visual distinction for easier organization.

     

  2. Click on "Create Tag" to generate the tag.

  Automatically Grouping Devices via Enrollment Keys:

  1. Create an Enrollment Key or edit an existing one in the Enrollment Keys screen.

     

  2. Associate the enrollment key with a specific tag.

     

  3. You can also modify an existing Enrollment Key.

  4. Any new device joining the network with this key will automatically be grouped with the defined tags or groups.

Use Cases for Tag ManagementCopied!

• Network Segmentation: Tagging can be used to logically segment devices based on their role, location, or environment. For example:

  • tags: “prod”, “dev”, “staging”

  • tags: “internal”, “external”, “frontend”, “backend”, “web-servers”, “file-servers”

• Access Control: Tags simplify the process of applying Access Control Lists (ACLs) to groups of devices. For instance, all devices tagged as "external" can be denied access to certain internal services, while "internal" devices are granted full access.

• Node Identification: Tags make it easier to identify devices with specific characteristics, such as location, purpose, or criticality (e.g., “critical”, “backup”).

Best Practices for Tag ManagementCopied!

• Use Descriptive Tag Names: Ensure that tag names are clear and descriptive, such as “dev”, “prod”, “external”, or “critical”.

• Consistent Tagging: Establish consistent naming conventions to avoid confusion. For example, use lowercase letters and hyphens or underscores to separate words (e.g., “ext-client” vs. “extClient”).

• Document Tag Purposes: Keep a record of what each tag is used for, so other administrators or team members can quickly understand its purpose.