Device Security
Integrate Device Security with Extreme Networks ExtremeCloud IQ Site Engine
Table of Contents
Expand All
|
Collapse All
Device Security Docs
Integrate Device Security with Extreme Networks ExtremeCloud IQ Site Engine
Learn how to integrate Device Security with Extreme Networks
ExtremeCloud IQ Site Engine for improved control and visibility over IoT devices.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of the following subscriptions:
One of the following Cortex XSOAR setups:
|
Integrate Device Security with Extreme Networks ExtremeCloud IQ Site Engine
for more comprehensive control and visibility over your IoT devices. This integration
enables bidirectional exchange of asset information, combining Device Security's
advanced machine learning algorithms for device discovery and classification
with ExtremeCloud IQ Site Engine's network access control capabilities.
You can configure the integration to share specific device contextual attributes,
enhancing your ability to implement accurate network microsegmentation and device
access control. The integration updates your Device Security asset inventory with
device attributes learned from ExtremeCloud IQ Site Engine. Device Security also
adds new devices that it learns from ExtremeCloud IQ Site Engine to the asset inventory,
ensuring greater visibility to devices in your network.
Device Security can learn the following device attributes from
ExtremeCloud IQ Site Engine:
- MAC address or device ID
- Display name
- Firmware
- IP address
- System description
- System name
- System location
In addition to device attributes, Device Security learns about
ExtremeCloud IQ Site Engine end-systems, which are users and user sessions, from the
integration. You can also send device details from Device Security to
ExtremeCloud IQ Site Engine as end-system custom attributes. When security events occur,
you can initiate quarantine or release from quarantine commands directly from
Device Security, with these actions enforced by ExtremeCloud IQ Site Engine
policies for end-system groups. The quarantine command provides quick response
capabilities to potential threats.
Device Security can learn the following end-system attributes from
ExtremeCloud IQ Site Engine:
- Authentication type
- Authentication state
- Last authentication timestamp
- Hostname
- IP address
- Switch port
- Switch IP address
- Last time seen
- MAC address or device ID
- Operating system
- Username
- RADIUS Server
- NAC IP address
- NAC profile
Integrating with Extreme Networks ExtremeCloud IQ Site Engine requires either a
full-featured Cortex XSOAR™ server
or the purchase and
activation of an Device Security
third-party integration add-on license, which comes with a free
cohosted Cortex XSOAR instance.
The basic plan includes a license for three integration add-ons, one of which can be
used for ExtremeCloud IQ Site Engine. The advanced plan includes a license for all
supported third-party integrations.