: Create a Visualization Map
Focus
Focus

Create a Visualization Map

Table of Contents

Create a Visualization Map

Create a visualization map based on device attributes such as subnets and profiles or Purdue levels.
  1. Select
    Networks
    Network Visualizations
    .
    Before you create your first network visualization map, the Network Visualizations page displays a map of the world. Any existing sites whose location has been defined appear in those locations on the map. Sites without a defined location appear in an Unknown Sites list in the lower left corner of the map. To define a location for a site, select
    Networks
    Networks and Sites
    Sites
    , click
    N/A
    in the Location column (or click the three vertical dots icon at the right end of a row and then
    Edit Site
    ), enter a city name in Site Address, and then
    Save
    .
    After you add and save a visualization map, it appears on this page so that you can return to view the map later by clicking
    View Map
    .
  2. Create a network visualization map.
    There isn’t a maximum number of visualization maps you can create, but there is a maximum of 500 nodes (subnets, profiles, devices, and so on) that a map can display. If the number of nodes exceeds 500,
    IoT Security
    hides the map and presents the information in table format only.
    1. Select
      Networks
      Network Visualizations
      + Create Map
      , select one or more sites, and
      Add to Scope
      .
    2. After you set the site scope, click
      Next
      .
    3. Click
      Device Grouping
      to configure the method for grouping devices on the map based on your needs. You can change this later.
      The device grouping you select determines the type of map you create. First, group devices by one of the following attributes:
      Category
      ,
      Profile
      ,
      Vendor
      ,
      Subnet
      ,
      VLAN ID
      , or
      Purdue Level
      . Then, optionally, depending on the attribute you used, organize them within each first-layer group by another type of attribute in a second layer:
      First set of groups
      Second set of groups (optional)
      Category
      Profile
      Vendor
      Risk Level
      Subnet
      Category or Profile
      VLAN ID
      Category or Profile
      Purdue Level*
      Category or Profile
      * Before creating a device visualization map based on Purdue levels, you must first indicate the Purdue level to which various devices belong. You can do this by defining custom attribute rules that apply Purdue levels to devices automatically. This involves the following process:
      1. Make a list of device attributes, such as profiles, for all OT devices at Purdue levels 0-3 on your network. Optionally, make a list of subnets for all other IT and IoT devices that are separate from OT and are in levels 4-5.
      2. Create six filters on the Devices page, each filter listing a set of profiles or subnets for the devices at a particular Purdue level. For more information about filters, see IoT Security Devices Page.
      3. Use the six pre-defined values for Purdue Levels 0-5 to create custom attribute rules to assign Purdue Levels to devices based on the filters you created (a default filter is used to assign a Purdue Level to devices based on Category).
        IoT Security
        assigns any device that doesn’t match one of these rules to the “Unknown” level.
      For example, if you set the first set of groups as
      Subnet
      and the second set of groups as
      Category
      , you’ll create a map that first shows devices organized into various subnets. Then if you navigate to the second layer of the map by clicking one of the subnets, you’ll see devices grouped by device category within it.
    4. Continue to refine the map scope by entering more parameters to define the scope of the visualization map and then click
      Update
      .
      IoT Security
      displays a visualization based on the scope you define. The scope must include a time range during which devices were active on the network (the past day, week, or month). The scope also typically contains at least one site; however, it’s possible to make a map without specifying any specific site, in which case the map includes all sites. In addition to a time range and sites, you can optionally add numerous filters to narrow the map scope further. Doing so lets you more easily find the types of devices you’re looking for and also reduces the number of nodes that the map displays.
    5. Review the visualization and, if necessary, continue adjusting the scope and device grouping until the map shows the data you want to see.
    6. When you’re satisfied with the content of the visualization map, click
      Build Map
      , and then enter the following:
      Name
      : Enter a name for the visualization map
      Description
      : Optionally enter a description of the visualization map for later reference.
      Scope
      : Review the filters that define the parameters of the map. Because a map can contain up to 500 nodes, define a scope that stays within this range. You can narrow the scope by filtering devices by type as well as by various device, alert, and vulnerability attributes. This filtering behaves much like the query builder.
      Device Grouping
      : Review the device grouping of the map. You can edit the grouping method here and while viewing a saved map.
    7. Click
      Confirm
      .
      The map immediately becomes available to view on the Networks Visualization page.
  3. Purdue Levels
    Manually reassign devices individually if necessary.
    After setting up the filters and letting the rules automatically assign devices to Purdue levels, periodically do spot checks of important devices to make sure they are assigned to the correct Purdue level on the visualization map. If any device isn't properly assigned, note its IP and MAC address to look it up by device ID in the
    IoT Security
    inventory. Then manually reassign it to the right level on its Device Details page.

Recommended For You