The Policy Group Recommendations tool in Cloud Control Center simplifies device classification by suggesting appropriate Policy Groups for unclassified assets. This feature is accessed from Tools & Utilities → Insights, and enables fast adoption of standardized Policy Groups to assist in decreasing the number of unclassified devices discovered by Elisity.
Once enabled in Settings > System > Advanced, the system analyzes devices in the Unassigned Policy Group using predefined match criteria—primarily based on category metadata—and proposes new groups with default security levels.
Note: Currently, only devices in the Unassigned Policy Group are evaluated. Local Policy Groups and reclassification between existing groups are not supported in this phase.
Enabling Policy Group Recommendations
To activate the Insights engine:
-
Navigate to Settings → System → Advanced.
-
Scroll down to Insights.
-
Toggle Enable Insights.
Accessing Policy Group Recommendations
To launch the tool:
-
Go to Tools & Utilities → Insights.
-
The default landing tab displays a Network Summary with an overview of:
-
Total devices analyzed
-
Number of group suggestions
-
Count of classified vs. unclassified devices
-
-
Click Click to review in the Device Group Suggestions panel.
Reviewing Recommendations
The Review screen presents a list of proposed Policy Groups for creation. Each entry includes:
-
Policy Group Name
-
Matched Devices: The number of unclassified devices that meet the match criteria
-
Impact Level: System-assigned classification priority (High, Medium, Low)
-
Security Level: The default Security Level assigned by Elisity
-
Description: A brief summary of the device classification
To understand why a Policy Group is being recommended, click the group name to view the match criteria, such as "Category = Wireless Equipment."
To inspect which devices match this criteria, click the device count to open a drawer that displays the list of affected assets, including identifiers like MAC address, IP, and hostname (if available).
System-required Policy Groups are automatically pre-selected, even if no devices currently match. These groups are expected to match future assets and are critical to baseline segmentation coverage.
Creating Policy Groups
Once reviewed, select one or more recommended Policy Groups and click Next.
The Summary screen categorizes selected groups by Impact Level and provides a final review of the group name, matched device count, description, and Security Level. This is your opportunity to validate what is being created before finalizing the action.
Click Finish to complete the creation process. The new Policy Groups will appear immediately in the Policy Groups dashboard and are available for policy authoring and assignment.
Security Levels
Each recommended Policy Group includes a default Security Level that represents the potential impact of devices in that group:
| Security Level | Description |
|---|---|
| 1 | Low Impact |
| 2 | Medium Impact |
| 3 | High Impact |
| 4 | Critical (system-reserved) |
Security Levels can be modified after creation to reflect organizational standards or enforcement requirements.
Evaluation Behavior
-
Evaluated Devices: Only unclassified devices (in the Unassigned Policy Group) with a Consistency Score of 75% or higher are considered.
-
Matching Logic: Match criteria is derived from a predefined global library using static attributes like Category or Type.
-
Execution Timing: Evaluations run automatically every hour and are also executed on-demand when opening the Insights view.
-
Required Groups: Some Policy Groups are marked as required and may appear with zero matches to ensure coverage.