Integrate Device Security with Rockwell Automation AssetCentre
Focus
Focus
Device Security

Integrate Device Security with Rockwell Automation AssetCentre

Table of Contents

Integrate Device Security with Rockwell Automation AssetCentre

Integrate Device Security with Rockwell Automation AssetCentre to augment the attributes of devices in the Device Security inventory.
Where Can I Use This?What Do I Need?
  • Device Security (Managed by Strata Cloud Manager)
  • (Legacy) IoT Security (Standalone portal)
One of the following subscriptions:
  • Device Security subscription for an advanced Device Security product (Enterprise Plus, Industrial OT, or Medical)
  • Device Security X subscription
One of the following Cortex XSOAR setups:
  • A free, cohosted, limited-featured Cortex XSOAR instance
    AND
    A Cortex XSOAR Engine (on-premises integration)
  • A full-featured Cortex XSOAR server
FactoryTalk AssetCentre is a centralized tool by Rockwell Automation designed for managing, securing, versioning, tracking, and reporting automation-related assets. Device Security integrates through Cortex XSOAR with AssetCentre to import device attributes from AssetCentre databases. Users can enable recurring imports or manually initiate bulk imports to match devices based on MAC or IP address. Device Security matches the imported devices with those in its inventory by MAC or IP address and augments the attributes it already has for them with those learned from AssetCentre. If the set of imported devices includes a device that isn’t yet in its inventory, Device Security adds that device if the AssetCentre database includes its MAC address, among other attributes. If AssetCentre doesn’t have the MAC address of a device that’s new for Device Security, it’s not imported as an IP endpoint; it’s just not imported at all. Device Security displays device information that it learns from this integration in the Asset Inventory and on the Device Details pages.
The integration of Device Security and Rockwell Automation FactoryTalk AssetCentre can occur when one or more Palo Alto Networks firewalls are running on the same network that’s under AssetCentre management. The firewalls send Device Security network traffic data logs through the Palo Alto Networks logging service and then Device Security analyzes metadata from the logs to discover and identify devices on the network and track their network behaviors. In addition, Device Security also supplements this information with the device attributes it imports through Cortex XSOAR from one or more AssetCentre databases on Microsoft SQL servers.
Integrating with AssetCentre requires either a full-featured Cortex XSOAR server or the purchase and activation of an Device Security third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic plan includes a license for three integration add-ons, one of which can be used for AssetCentre. The advanced plan includes a license for all supported third-party integrations.