Configuration checklist

The following checklist outlines the recommended order of configuration steps to fully set up a Plixer Scrutinizer deployment:

Note: Click on a checklist item for additional information and detailed instructions related to that configuration step.

Configuration step

Function/Benefit

Deploy Instance

Deploy the Plixer Scrutinizer hardware/physical or virtual appliance in your environment.

Appliance Setup Wizard

From the appliance terminal, run the setup questionnaire to configure an IP address, DNS hostname, NTP server, and HTTPS certificate.

Send Flows

Configure exporters/network devices to send flows to Plixer Scrutinizer (or a Plixer Replicator, if applicable).

SMTP Server

Configure an SMTP server to enable email notifications for alarms and on-demand/scheduled email reports.

SNMP Credentials

Configure SNMP credentials to enable importing of exporter names, interface names, and interface speeds.

Users

Create additional accounts/logins to customize settings and preferences for individual users.

Defined Applications

Define rules for applications that are unique to your network to enhance reporting, filtering, and other functions.

IP Groups

Assign resources specific to your organization to IP groups for reporting, filtering, and inclusion/exclusion management.

External Authentication

Improve your security posture and simplify user management by leveraging AD, LDAP, SSO, Radius, and/or TACACS for user authentication.

Data History

Modify historical data retention settings to support your organization’s forensics and archiving needs.

Security Groups

Populate the default security groups (Firewalls, Core Exporters, Edge Exporters, Defender Probes) to automatically enable flow analytics algorithms and other features for similar devices.

Exclusion IP Groups

Verify that the Public WiFi, Network Scanners, DNS Servers, DHCP Servers, and SNMP Pollers IP groups are correctly populated to automatically define recommended exclusions for flow analytics algorithms.

Flow Analytics Inclusions

Define additional inclusions and exclusions (including custom security groups and IP groups) necessary for specific flow analytics algorithms.

Device/Mapping Groups

Organize exporters into groups to quickly find flow data sources, enable group report filters, and generate customizable network maps.

Dashboards

Create/customize one or more dashboards to consolidate frequently accessed information and drive workflows through the Plixer One platform.

Saved Reports

Create saved reports to quickly re-run the same report configuration with a single click.

Saved Report Thresholds

Add thresholds to saved reports to proactively watch for specific traffic/behaviors and trigger alarms (and notification profiles/actions) when the specified conditions are met.

Schedule Emailed Reports

Set up scheduled email reports to automatically re-run and send important reports as emails to any inbox.

Notifications

Create notification profiles that can be assigned to alarm policies to automatically send emails, forward details to your SIEM, or run custom scripts to do absolutely anything.

Deploy the Plixer ML Engine

Deploy and set up the Plixer ML Engine to enable advanced features, including network behavior modeling and anomaly detection in Plixer One Enterprise deployments.

ML Inclusions

Deploy and set up the Plixer ML Engine to enable advanced features, including network behavior modeling and anomaly detection in Plixer One Enterprise deployments.

ML Custom Dimensions

Define custom ML dimensions/applications to be monitored by the Plixer ML Engine.

Host Indexing

Enable host indexing to allow for faster and more efficient lookups of any hosts that have passed traffic on your network.

Resources

Allocate sufficient CPU and memory to support expected flow rates and enabled features.

Total Disk Space

Expand allocated disk space to support expected flow rates and configured data retention settings.