IoT Security
Devices with Static IP Addresses
Table of Contents
Expand All
|
Collapse All
IoT Security Docs
-
-
- Firewall Deployment Options for IoT Security
- Use a Tap Interface for DHCP Visibility
- Use a Virtual Wire Interface for DHCP Visibility
- Use SNMP Network Discovery to Learn about Devices from Switches
- Use Network Discovery Polling to Discover Devices
- Use ERSPAN to Send Mirrored Traffic through GRE Tunnels
- Use DHCP Server Logs to Increase Device Visibility
- Control Allowed Traffic for Onboarding Devices
- Support Isolated Network Segments
-
Devices with Static IP Addresses
IoT Security uses several methods to detect static IP
addresses.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
While most network-connected devices receive their IP
addresses dynamically through DHCP, it’s common to reserve part
of the network address space for use as static IP addresses for
devices such as routers, printers, FTP servers, and DHCP servers.
Beyond this common practice, there are some industries and facilities
that use static IP addresses predominantly; for example, manufacturing,
utilities, oil and gas, warehouses, order fulfillment centers, and
processing and distribution centers. Because most automation and
control applications use the IP address directly in their programs,
it's important that robotic devices and controllers in assembly
lines and processing centers have static IP addresses, which is
why static addressing is so prevalent in these areas.
IoT Security can be deployed in networks where DHCP dynamically
assigns IP addresses to devices, where network administrators manually
configure devices with static IP addresses, and where there’s a
combination of both. IoT Security uses multiple techniques for detecting
and monitoring network activity and correlating it to individual
devices. By examining the DHCP traffic logs that firewalls provide,
it associates dynamically assigned IP addresses with device MAC
addresses and adds these devices to its inventory. By looking at
ARP logs, IoT Security also learns IP address-to-MAC address mappings
and adds devices with static IP addresses, which might not otherwise
be discovered through DHCP, to its inventory as well. However, by
the very nature of ARP broadcasts, this only works for devices within
the same Layer 2 broadcast domains as the reporting firewalls. For
devices with static IP addresses beyond Layer 2 boundaries, IoT Security uses machine learning to discover network activity patterns
indicating the likely presence of such devices. You also have the
option of manually providing IoT Security with static IP address assignments
through static IP device and subnet configurations.
Providing IoT Security with a static IP address configuration
by itself is not enough to add a device to the inventory. IoT Security
must also detect network traffic to or from a device with a configured
static IP address. Then it adds the device to its inventory.
Use one of the following methods to add static IP devices and
subnets to the IoT Security inventory:
- Upload a List of Static IP Devices
- Add a Static IP Device Configuration
- Upload a List of Subnets with Only Static IP Addresses
- Add a Subnet with Only Static IP Addresses
IoT Security then uses the IP addresses of these devices (rather
than their MAC addresses) to identify and track them.