IoT Security
Integrate IoT Security with Extreme Networks ExtremeCloud IQ Site Engine
Table of Contents
Expand All
|
Collapse All
IoT Security Docs
-
-
- Firewall Deployment Options for IoT Security
- Use a Tap Interface for DHCP Visibility
- Use a Virtual Wire Interface for DHCP Visibility
- Use SNMP Network Discovery to Learn about Devices from Switches
- Use Network Discovery Polling to Discover Devices
- Use ERSPAN to Send Mirrored Traffic through GRE Tunnels
- Use DHCP Server Logs to Increase Device Visibility
- Control Allowed Traffic for Onboarding Devices
- Support Isolated Network Segments
-
Integrate IoT Security with Extreme Networks ExtremeCloud IQ Site Engine
Learn how to integrate IoT Security with Extreme Networks
ExtremeCloud IQ Site Engine for improved control and visibility over IoT devices.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of the following Cortex XSOAR setups:
|
Integrate IoT Security with Extreme Networks ExtremeCloud IQ Site Engine
for more comprehensive control and visibility over your IoT devices. This integration
enables bidirectional exchange of asset information, combining IoT Security's
advanced machine learning algorithms for device discovery and classification
with ExtremeCloud IQ Site Engine's network access control capabilities.
You can configure the integration to share specific device contextual attributes,
enhancing your ability to implement accurate network microsegmentation and device
access control. The integration updates your IoT Security asset inventory with
device attributes learned from ExtremeCloud IQ Site Engine. IoT Security also
adds new devices that it learns from ExtremeCloud IQ Site Engine to the asset inventory,
ensuring greater visibility to devices in your network.
IoT Security can learn the following device attributes from
ExtremeCloud IQ Site Engine:
- MAC address or device ID
- Display name
- Firmware
- IP address
- System description
- System name
- System location
In addition to device attributes, IoT Security learns about
ExtremeCloud IQ Site Engine end-systems, which are users and user sessions, from the
integration. You can also send device details from IoT Security to
ExtremeCloud IQ Site Engine as end-system custom attributes. When security events occur,
you can initiate quarantine or release from quarantine commands directly from
IoT Security, with these actions enforced by ExtremeCloud IQ Site Engine
policies for end-system groups. The quarantine command provides quick response
capabilities to potential threats.
IoT Security can learn the following end-system attributes from
ExtremeCloud IQ Site Engine:
- Authentication type
- Authentication state
- Last authentication timestamp
- Hostname
- IP address
- Switch port
- Switch IP address
- Last time seen
- MAC address or device ID
- Operating system
- Username
- RADIUS Server
- NAC IP address
- NAC profile
Integrating with Extreme Networks ExtremeCloud IQ Site Engine requires either a
full-featured Cortex XSOAR™ server
or the purchase and
activation of an IoT Security
third-party integration add-on license, which comes with a free
cohosted Cortex XSOAR instance.
The basic plan includes a license for three integration add-ons, one of which can be
used for ExtremeCloud IQ Site Engine. The advanced plan includes a license for all
supported third-party integrations.