IoT Security
Integrate IoT Security with AIMS
Table of Contents
Integrate IoT Security with AIMS
Integrate IoT Security through Cortex XSOAR with AIMS.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of the following Cortex XSOAR setups:
|
By integrating IoT Security with AIMS (Asset Information Management System) from Phoenix
Data Systems, you can periodically import the device inventory from the AIMS
database through Cortex XSOAR to IoT Security. The integration also
lets you manually forward security alerts and vulnerabilities as auto-generated work
orders from IoT Security through Cortex XSOAR to AIMS.
AIMS
can be deployed in the cloud or on premises, and IoT Security integrates with
it through Cortex XSOAR in both cases. When AIMS is in the cloud,
Cortex XSOAR communicates with it directly. When AIMS is on premises,
Cortex XSOAR communicates with it through an on-premises XSOAR engine.
When
importing device information from AIMS, AIMS provides the following device
attributes:
- MAC address and IP address (These are only used to match the other device attributes with the devices in IoT Security.)
- Serial number
- Department
- Asset tag
- Location
- AET (application entity title; provided for DICOM devices)
- Software version
When you send a work order from IoT Security to AIMS for a security alert or vulnerability,
the device associated with the incident must already have an asset tag assigned to
it. Otherwise, it's not possible for AIMS to find it in its database.
Integrating with AIMS requires either a
full-featured Cortex XSOAR server
or the purchase and activation of an IoT Security
third-party integration add-on license, which comes with a free
cohosted Cortex XSOAR instance. The basic
plan includes a license for three integration add-ons, one of which can be used for
AIMS. The advanced plan includes a license for all supported third-party
integrations.