Configuration checklist
The following checklist outlines the recommended order of configuration steps to fully set up a Plixer Scrutinizer deployment:
Note: Click on a checklist item for additional information and detailed instructions related to that configuration step.
Configuration step and function/benefit:

1. Deploy the Plixer Scrutinizer hardware/physical or virtual appliance in your environment.
2. Run the setup questionnaire from the appliance terminal to configure an IP address, DNS hostname, NTP server, and HTTPS certificate.
3. Configure exporters/network devices to send flows to Plixer Scrutinizer (or a Plixer Replicator, if applicable).
4. Configure an SMTP server to enable email notifications for Alarms/events and on-demand/scheduled email reports.
5. Configure SNMP credentials to enable importing of exporter names, interface names, and interface speeds.
6. Create additional accounts/logins to customize settings and preferences for individual users.
7. Create usergroups to manage permissions and access levels for different users.
8. Define rules for applications that are unique to your network to enhance reporting, filtering, and other functions.
9. Assign resources specific to your organization to IP Groups, which are used in reporting, filtering, and managing analytics inclusions/exclusions.
10. Improve your security posture and simplify user management by leveraging AD, LDAP, SSO, RADIUS, and/or TACACS for user authentication.
11. Modify historical data retention settings to support your organization’s archival and forensics needs.
12. Populate the default Security Groups (Firewalls, Core Exporters, Edge Exporters, Defender Probes) to automatically add devices to recommended Flow Analytics algorithms.
13. Verify that the DNS Servers, Public WiFi, Network Scanners, and SNMP Pollers IP Groups are populated to automatically add recommended exclusions to Flow Analytics algorithms.
14. Define additional inclusions and exclusions (including custom Security Groups and IP Groups) for individual Flow Analytics algorithms.
15. Organize exporters into groups to quickly find data sources, enable group report filters, and generate customizable network maps.
16. Create/customize one or more dashboards to consolidate frequently used views and drive workflows through the Plixer One Platform.
17. Create saved reports to quickly re-run the same report configuration with a single click.
18. Add thresholds to saved reports to proactively watch for specific traffic/behaviors and trigger Alarms (and Notification Profiles) when the specified conditions are met.
19. Set up scheduled email reports to automatically re-run and send important reports as emails to any inbox.
20. Create Notification Profiles that can be assigned to Alarm Policies to automatically send emails, forward details to your SIEM, or run custom scripts to do absolutely anything.
21. Deploy and set up the Plixer ML Engine to enable advanced features, including network behavior modeling and anomaly detection, in Plixer One Network or Plixer One Security.
22. Review, modify, or add inclusions/sources for ingestion and modeling by the Plixer ML Engine.
23. Review, modify, or add dimensions/traffic that should be monitored by the Plixer ML Engine.
24. Enable host indexing to allow for quick lookups of any hosts that have passed traffic on your network.
25. Allocate sufficient CPU and memory to support expected flow rates and enabled features.
26. Expand allocated disk space to support expected flow rates and configured data retention settings.