An MSG Device Group is analogous to an Application, in that it defines a logical group of servers or devices that are protected with the same set of Chamber Policies and accessed with the same set of Access Policies.
You may create, edit, and delete MSG Device Groups from Onboarding and Management > MSG Device Groups.
Creating an MSG Device Group
Enter a descriptive name for the MSG Device Group
Select the MSG that will host the MSG Device Group.
Select the port pair that the MSG Device Group will attach to.
If in High Density Mode, specify a list of downstream IP addresses that will be part of the MSG Device Group.
Click 'Save' to complete creating the MSG Device Group.
The MSG Device Group is now available to be assigned Chamber Policies or to be used in an Access Policy.
The port-pair functions as an L2 bypass for all IP addresses that are not configured as part of an MSG Device Group. In High-Density Mode, Chamber controls do not apply to the intra-subnet traffic on the access switch, so do consider the security implications of including only certain devices on a subnet into an MSG Device Group.
Deleting an MSG Device Group
To delete the MSG Device Group, select the MSG Device Group and click the trash can icon.
Comments
0 comments
Please sign in to leave a comment.