Define Endpoint Groups

To easily apply policy rules and manage specific endpoints, you can define an endpoint group.
To easily apply policy rules and manage specific endpoints, you can define an endpoint group. If you set up Cloud Identity Engine, you can also leverage your Active Directory user, group, and computer information in endpoint groups.
There are two methods you can use to define an endpoint group:
  • Create a dynamic group by allowing
    to populate your endpoint group dynamically using endpoint characteristics such as a endpoint tag, partial hostname or alias; full or partial domain or workgroup name; IP address, range or subnet; installation type (VDI, temporary session, or standard endpoint); agent version; endpoint type (workstation, server, mobile); or operating system version.
  • Create a static group by selecting a list of specific endpoints.
After you define an endpoint group, you can then use it to target policy and actions to specific recipients. The Endpoint Groups page displays all endpoint groups along with the number of endpoints and policy rules linked to the endpoint group.
To define an endpoint static or dynamic group:
  1. From
    , select
    Endpoint Groups
    +Add Group
  2. Select either
    Create New
    to create an endpoint group from scratch or
    Upload From File
    , using plain text files with new line separator, to populate a static endpoint group from a file containing IP addresses, hostnames, or aliases.
  3. Enter a
    Group Name
    and optional
    to identify the endpoint group. The name you assign to the group will be visible when you assign endpoint security profiles to endpoints.
  4. Determine the endpoint properties for creating an endpoint group:
    • Dynamic
      —Use the filters to define the criteria you want to use to dynamically populate an endpoint group. Dynamic groups support multiple criteria selections and can use
      operators. For endpoint names and aliases, and domains and workgroups, you can use
      to match any string of characters. As you apply filters,
      displays any registered endpoint matches to help you validate your filter criteria.
    • Static
      —Select specific registered endpoints that you want to include in the endpoint group. Use the filters, as needed, to reduce the number of results.
      When you create a static endpoint group from a file, the IP address, hostname, or alias of the endpoint must match an existing agent that has registered with
      . You can select up to 250 endpoints.
    Disconnecting Cloud Identity Engine in your
    deployment can affect existing endpoint groups and policy rules based on Active Directory properties.
  5. Create the endpoint group.
    After you save your endpoint group, it is ready for use to assign security profiles to endpoints and in other places where you can use endpoint groups.
  6. Manage an endpoint group, as needed.
    At any time, you can return to the Endpoint Groups page to view and manage your endpoint groups. To manage a group, right-click the group and select the desired action:
    • Edit
      —View the endpoints that match the group definition, and optionally refine the membership criteria using filters.
    • Delete
      the endpoint group.
    • Save as new
      —Duplicate the endpoint group and save it as a new group.
    • Export group
      —Export the list of endpoints that match the endpoint group criteria to a tab separated values (TSV) file.
    • View endpoints
      —Pivot from an endpoint group to a filtered list of endpoints on the
      Endpoint Administration
      page where you can quickly view and initiate actions on the endpoints within the group.

Recommended For You