Device Groups


Device Groups enable the filter administrator to segment the network into groups of Local and Remote Devices.

Device Groups come in two forms:


Manual Device Groups

Manual Device Groups require the filter administrator to manually assign device members to the Device Group.


Smart Device Group Membership

Smart Device Groups calculate device membership on various criteria and do not require ongoing, manual maintenance as devices are created. By default the Log Cabin Console includes the alldevices and allassigned Smart Device Groups.

All Company Devices (allusers)

allusers automatically contains all the devices of a given Company. This enables filter administrators to quickly target all devices in an Access Policy.

All Devices in Manual Device Groups (allassigned)

allassigned automatically contains all devices that the filter administrator has manually assigned membership in one or more Manual Device Groups.

This enables the filter administrator to create targeted, specific Access Policies for specific groups of devices, and then create a default Access Policy which will apply to all devices which are NOT in the allassigned group.

All Devices Matching Query (dynamic)

Smart Device Groups can be created where devices match specified query parameters. For example, a group might match all Remote Devices of the Platform = Android. Or all Remote Devices of Platform = Android and Device Type = Tablet.

Collected Device Groups (collected)

Collected Device Groups will not be created directly, but rather when Access Policy Groups are created. Collected Device Groups include all the devices of all Company Device Groups that are assigned to the Access Policy Group.

Assignment

Smart Device Groups can apply to:

  1. All Companies on the system. (Company & Policy field are blank)
  2. All Companies that are members of the Accountability Policy specified in the Smart Device Group.
  3. One specific company, specified in the Smart Device Group.

Activation

Device Groups will not have any affect until activated with Access Policies.

Device Groups can be negatable when assigned to the Access Policy, so when creating Device Groups, always consider the smallest number of users. For example, if the goal is to limit access to all employees except the division supervisors, create a device group of Supervisors. In the Access Policy, mark that the Policy applies outside of the Supervisors device group.