Configuration checklist

The following checklist outlines the recommended order of configuration steps to fully set up a Plixer Scrutinizer deployment:

Note

Click on a checklist item for additional information and detailed instructions related to that configuration step.

| Configuration step | Function/Benefit |
| --- | --- |
| Deploy instance | Deploy the Plixer Scrutinizer hardware/physical or virtual appliance in your environment. |
| Appliance setup | Run the setup questionnaire from the appliance terminal to configure an IP address, DNS hostname, NTP server, and HTTPS certificate. |
| Send flows | Configure exporters/network devices to send flows to Plixer Scrutinizer (or a Plixer Replicator, if applicable). |
| Email server | Configure an SMTP server to enable email notifications for Alarms/events and on-demand/scheduled email reports. |
| SNMP credentials | Configure SNMP credentials to enable importing of exporter names, interface names, and interface speeds. |
| Users | Create additional accounts/logins to customize settings and preferences for individual users. |
| Usergroups | Create usergroups to manage permissions and access levels for different users. |
| Defined applications | Define rules for applications that are unique to your network to enhance reporting, filtering, and other functions. |
| IP Groups | Assign resources specific to your organization to IP Groups, which are used in reporting, filtering, and managing analytics inclusions/exclusions. |
| External authentication | Improve your security posture and simplify user management by leveraging AD, LDAP, SSO, Radius, and/or TACACS for user authentication. |
| Data history settings | Modify historical data retention settings to support your organization’s archival and forensics needs. |
| Security Groups | Populate the default Security Groups (Firewalls, Core Exporters, Edge Exporters, Defender Probes) to automatically add devices to recommended Flow Analytics algorithms. |
| Exclusion IP Groups | Verify that the DNS Servers, Public WiFi, Network Scanners, and SNMP Pollers IP Groups are populated to automatically add recommended exclusions to Flow Analytics algorithms. |
| Flow Analytics inclusions | Define additional inclusions and exclusions (including custom Security Groups and IP Groups) for individual Flow Analytics algorithms. |
| Device/Mapping Groups | Organize exporters into groups to quickly find data sources, enable group report filters, and generate customizable network maps. |
| Dashboards | Create/customize one or more dashboards to consolidate frequently used views and drive workflows through the Plixer One Platform. |
| Saved reports | Create saved reports to quickly re-run the same report configuration with a single click. |
| Report thresholds | Add thresholds to saved reports to proactively watch for specific traffic/behaviors and trigger Alarms (and Notification Profiles) when the specified conditions are met. |
| Scheduled email reports | Set up scheduled email reports to automatically re-run and send important reports as emails to any inbox. |
| Notification Profiles | Create Notification Profiles that can be assigned to Alarm Policies to automatically send emails, forward details to your SIEM, or run custom scripts to do absolutely anything. |
| Deploy the Plixer ML Engine | Deploy and set up the Plixer ML Engine to enable advanced features, including network behavior modeling and anomaly detection, in Plixer One Network or Plixer One Security. |
| ML inclusions | Review, modify, or add inclusions/sources for ingestion and modeling by the Plixer ML Engine. |
| ML dimensions | Review, modify, or add dimensions/traffic that should be monitored by the Plixer ML Engine. |
| Host indexing | Enable host indexing to allow for quick lookups of any hosts that have passed traffic on your network. |
| Resources | Allocate sufficient CPU and memory to support expected flow rates and enabled features. |
| Total disk space | Expand allocated disk space to support expected flow rates and configured data retention settings. |