Product Documentation

Site and Network groups

Administrators can group sites or IP addresses to simplify common application policies across multiple sites or network addresses, and also serve as filters for reports.

To view Site and Network Groups, navigate to Configuration > Site and Network Groups.

localized image

Regions

Regions are helped to create administrative boundaries within large networks spanning hundreds to thousands of sites. If your organization has a large network spanning multiple administrative (or geographical) boundaries, you can consider creating regions to segment the network.

Currently, a maximum of 550 sites are supported per region, and each region is expected to have a Regional Control Node (RCN), which serves as the hub and controller for the region. So, you would typically consider a multi-region deployment if your network has more than 500 sites. By default, all networks are single region networks, where the Master Control Node (MCN) serves as the hub and the control node for all the sites. On adding one or more regions, the network becomes a multi-region network. The region associated with the MCN is called the default region.

A multi-region network supports a hierarchical architecture with a Master Control Node (MCN) controlling multiple Regional Control Nodes (RCNs). Each RCN, in turn, controls multiple branch sites. Even in a multi-region deployment, you can have the MCN double up as the direct hub node for a subset of the sites while having rest of the sites use their respective RCNs as hub nodes. The sites being managed directly by the MCN that is, the RCNs and potentially some other sites directly managed by the MCN are said to be in the default region. The default region would be the only region for a network before additional regions are added.

localized image

To create a site group at region level click Add Region. Provide a region name and select sites. Once you filled the details, click Review and then Confirm.

Note

Customer may only have Static or Dynamic Virtual paths within a Region.

localized image

You can place sites under the region once a Region is created successfully.

Note

Dynamic virtual paths cannot be established between branches in different regions.

Custom site groups

Custom Site Groups provide users the flexibility to group sites as needed. Users can apply policies for groups of sites at once, without necessarily having to deal with each site individually. Groups can also serve as filters for dashboards, reports, or network configuration. Unlike Regions, groups can overlap in terms of sites. In other words, the same sites can be part of multiple groups.

For example, a user can create a group named Business Critical Sites to configure common policies for all your business-critical sites, and also be able to monitor their health and performance separately as a group. Some of those sites can also be a part of a Large Branch Office group, for instance.

Custom Sites Groups provide a way to logically group sites together for reporting purposes. You can create custom groups and add sites to each custom group. To create a custom group click Add Custom Group. Provide a group name and select or add sites under Group Sites section.

localized image

IP groups

Users can group IP and network addresses by using IP Groups. These groups can be used in configuration and policies as needed, without necessarily having to key in individual IP addresses each time.

You can create IP groups and add sites to each IP group. Network objects can be grouped together based on the IP address. To create an IP group, select IP Groups and click Add IP Group. Provide group identifiers with a group name, description, and tags.

localized image

Site and Network groups