Plixer Scrutinizer is able to partition its environment into smaller sets of devices and other objects using several different grouping schemes. These groups are used in various monitoring, reporting, and configuration functions and, when correctly set up, enable more fluid and efficient workflows.
- IP Groups
IP Groups are user-defined groups of devices that share certain characteristics, such as device type, ownership/department, and geolocation, for the purpose of monitoring and/or reporting. They are defined as lists of IP addresses, IP address ranges, and/or full subnets and can be configured from the Admin > Definitions > IP Groups page.
The Plixer Scrutinizer factory configuration includes default IP Groups that are used by certain functions (e.g., Flow Analytics exclusions) and should be populated as part of tailoring the system to the environment.
- Mapping Groups
Mapping Groups are user-defined groups of devices that are used to generate Network Maps and allow for customizable visualization of network topology up to the interface level (not including end devices).
Network Maps can be created and viewed from the Monitor > Network Maps page of the Plixer Scrutinizer web interface, while additional configuration and management options for Mapping Groups and Objects can be accessed via their respective pages under the Admin > Settings.
- Security Groups
Security Groups are user-defined Exporter groups that streamline the process of enabling the appropriate Flow Analytics algorithms for different Exporter types. They can be managed from the Admin > Alarm Monitor > Security Groups page.
After a Security Group has been created/populated, it can be added to one or more FA algorithms from the Admin > Alarm Monitor > Alarm Policies page. This will enable the algorithm(s) for all Exporters in the group. Alternatively, algorithms can be assigned to Security Groups from the Security Groups admin page instead.