Device Security
Integrate Device Security with AIMS
Table of Contents
Integrate Device Security with AIMS
Integrate Device Security through Cortex XSOAR with AIMS.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of the following subscriptions:
One of the following Cortex XSOAR setups:
|
By integrating Device Security with AIMS (Asset Information Management System) from Phoenix
Data Systems, you can periodically import the device inventory from the AIMS
database through Cortex XSOAR to Device Security. The integration also
lets you manually forward security alerts and vulnerabilities as auto-generated work
orders from Device Security through Cortex XSOAR to AIMS.
AIMS
can be deployed in the cloud or on premises, and Device Security integrates with
it through Cortex XSOAR in both cases. When AIMS is in the cloud,
Cortex XSOAR communicates with it directly. When AIMS is on premises,
Cortex XSOAR communicates with it through an on-premises XSOAR engine.
When
importing device information from AIMS, AIMS provides the following device
attributes:
- MAC address and IP address (These are only used to match the other device attributes with the devices in Device Security.)
- Serial number
- Department
- Asset tag
- Location
- AET (application entity title; provided for DICOM devices)
- Software version
When you send a work order from Device Security to AIMS for a security alert or vulnerability,
the device associated with the incident must already have an asset tag assigned to
it. Otherwise, it's not possible for AIMS to find it in its database.
Integrating with AIMS requires either a
full-featured Cortex XSOAR server
or the purchase and activation of an Device Security
third-party integration add-on license, which comes with a free
cohosted Cortex XSOAR instance. The basic
plan includes a license for three integration add-ons, one of which can be used for
AIMS. The advanced plan includes a license for all supported third-party
integrations.