Configuration checklist
The following checklist outlines the recommended order of configuration steps to fully set up a Plixer Scrutinizer deployment:
Note
Click on a checklist item for additional information and detailed instructions related to that configuration step.
Configuration step |
Function/Benefit |
---|---|
Deploy the Plixer Scrutinizer hardware/physical or virtual appliance in your environment. |
|
From the appliance terminal, run the setup questionnaire to configure an IP address, DNS hostname, NTP server, and HTTPS certificate. |
|
Configure exporters/network devices to send flows to Plixer Scrutinizer (or a Plixer Replicator, if applicable). |
|
Configure an SMTP server to enable email notifications for alarms and on-demand/scheduled email reports. |
|
Configure SNMP credentials to enable importing of exporter names, interface names, and interface speeds. |
|
Create additional accounts/logins to customize settings and preferences for individual users. |
|
Define rules for applications that are unique to your network to enhance reporting, filtering, and other functions. |
|
Assign resources specific to your organization to IP groups for reporting, filtering, and inclusion/exclusion management. |
|
Improve your security posture and simplify user management by leveraging AD, LDAP, SSO, RADIUS, and/or TACACS for user authentication. |
|
Modify historical data retention settings to support your organization’s forensics and archiving needs. |
|
Populate the default security groups (Firewalls, Core Exporters, Edge Exporters, Defender Probes) to automatically enable flow analytics algorithms and other features for similar devices. |
|
Verify that the DNS servers, Public WiFi, Network Scanners, DNS Servers, DHCP Servers, and SNMP Pollers IP groups are correctly populated to automatically define recommended exclusions for flow analytics algorithms. |
|
Define additional inclusions and exclusions (including custom security groups and IP groups) necessary for specific flow analytics algorithms. |
|
Organize exporters into groups to quickly find flow data sources, enable group report filters, and generate customizable network maps. |
|
Create/customize one or more dashboards to consolidate frequently accessed information and drive workflows through the Plixer One platform. |
|
Create saved reports to quickly re-run the same report configuration with a single click. |
|
Add thresholds to saved reports to proactively watch for specific traffic/behaviors and trigger alarms (and notification profiles/actions) when the specified conditions are met. |
|
Set up scheduled email reports to automatically re-run and send important reports as emails to any inbox. |
|
Create notification profiles that can be assigned to alarm policies to automatically send emails, forward details to your SIEM, or run custom scripts to do absolutely anything. |
|
Deploy and set up the Plixer ML Engine to enable advanced features, including network behavior modeling and anomaly detection in Plixer One Enterprise deployments. |
|
Define custom ML dimensions/applications to be monitored by the Plixer ML Engine. |
|
Enable host indexing to allow for faster and more efficient lookups of any hosts that have passed traffic on your network. |
|
Allocate sufficient CPU and memory to support expected flow rates and enabled features. |
|
Expand allocated disk space to support expected flow rates and configured data retention settings. |