Device Groups come in two forms:
Manual Device Groups
Manual Device Groups require the filter administrator to manually assign device members to the Device Group.
Smart Device Group Membership
Smart Device Groups calculate device membership on various criteria and do not require ongoing,
manual maintenance as devices are created. By default the Log Cabin Console includes the
allassigned Smart Device Groups.
All Company Devices (allusers)
allusers automatically contains all the devices of a given Company.
This enables filter administrators to quickly target all devices in an Access Policy.
All Devices in Manual Device Groups (allassigned)
allassigned automatically contains all devices that the filter administrator has manually
assigned membership in one or more Manual Device Groups.
This enables the filter administrator to create
targeted, specific Access Policies for specific groups of devices, and then create a default
Access Policy which will apply to all devices which are NOT in the
All Devices Matching Query (dynamic)
Smart Device Groups can be created where devices match specified query parameters. For example, a group might match all Remote Devices of the Platform = Android. Or all Remote Devices of Platform = Android and Device Type = Tablet.
Collected Device Groups (collected)
Collected Device Groups will not be created directly, but rather when Access Policy Groups are created. Collected Device Groups include all the devices of all Company Device Groups that are assigned to the Access Policy Group.
Smart Device Groups can apply to:
- All Companies on the system. (Company & Policy field are blank)
- All Companies that are members of the Accountability Policy specified in the Smart Device Group.
- One specific company, specified in the Smart Device Group.
Device Groups will not have any affect until activated with Access Policies.
Device Groups can be negatable when assigned to the Access Policy, so when creating Device Groups, always consider the smallest number of users. For example, if the goal is to limit access to all employees except the division supervisors, create a device group of Supervisors. In the Access Policy, mark that the Policy applies outside of the Supervisors device group.