1. Home
    2. IoT
    3. IoT Security Administrator’s Guide
    4. Discover IoT Devices and Take Inventory
    5. Device Visualization
    6. Create a Visualization Map Based on Purdue Levels

    Create a Visualization Map Based on Purdue Levels

    Create a visualization map based on Purdue levels and device categories or profiles.
    Before creating a device visualization map based on Purdue levels, you must first indicate the Purdue level to which various devices belong. You can do this by defining custom attribute rules that apply Purdue levels to devices automatically. This involves the following process:
    1. Make a list of device attributes, such as profiles, for all OT devices at Purdue levels 0-3 on your network. Optionally, make a list of subnets for all other IT and IoT devices that are separate from OT and are in levels 4-5.
    2. Create six filters on the Devices page, each filter listing a set of profiles or subnets for the devices at a particular Purdue level. For more information about filters, see IoT Security Devices Page
    3. Create six custom attribute rules that say if a device matches <filter x>, then apply the attribute <level x>. IoT Security assigns any device that doesn’t match one of these rules to the “Unknown” level.
    After completing this setup, you’re ready to create a visualization map based on Purdue levels.
    1. Create a device visualization map.
      1. To create a device visualization map, select
        Devices
        Device Visualization
        .
        This page contains all saved device visualization maps so that you can return to view them later by clicking
        View Map
         for the ones you want to see. You can create a maximum of 25 visualization maps per tenant.
      2. Click
        + New Visualization
         and enter the following in the Create Device Visualization Map configuration panel that appears:
        Name
        : Enter a name for the map.
        Description
        : Optionally enter a description of the visualization map for later reference.
        Build scope
        : Use filters to set parameters for the map.
        Visualization methods
        :
        Purdue View
        The visualization method you select determines the type of map you create. To create a device visualization map based on device attributes, select
        Purdue View
        . This creates a map organized into bands representing the six levels in the Purdue model (0-5) plus a seventh “Unknown” level for devices that aren’t assigned to a Purdue level. First, group devices by
        Purdue Level
        . Then, optionally, within each Purdue level, group devices by
        Category
         or
        Profile
        .
      3. Click
        Create
        .
        IoT Security opens the device visualization map in a new browser tab.
        For example, if you selected
        Purdue View
        , which automatically selects
        Purdue Level
         for the first set of groups, and you then selected
        Profile
         for the second set of groups, you’ll create a map that first shows OT devices organized into various Purdue levels and then by profile within each level. You can navigate to the second layer of the map by clicking one of the groups, which then displays the devices within it.
    2. Manually reassign devices individually if necessary.
      After setting up the filters and letting the rules automatically assign devices to Purdue levels, periodically do spot checks of important devices to make sure they are assigned to the correct Purdue level on the visualization map. If any device isn't properly assigned, note its IP and MAC address to look it up by device ID in the IoT Security inventory. Then manually reassign it to the right level on its Device Details page.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo