When integrated with Aruba ClearPass, IoT
Security provides it with accurate IoT device identities and notifies
it whenever a security threat arises and device behavior veers from
what is expected and safe. IoT Security does this by discovering
IoT devices on the network, identifying and profiling them, and
then reporting them through Cortex XSOAR and an on-premises XSOAR
engine to your ClearPass system. IoT Security also checks for security
risks and anomalous behavior, and when it discovers any, it sends
alerts to ClearPass for automated policy enforcement.
IoT
Security populates custom endpoint attributes on your ClearPass
instance with device data. ClearPass then uses this data in NAC
(network access control) policies to segment endpoints into VLANs
for reduced risk exposure. In addition, with just a couple of clicks
from the IoT Security portal, you can manually quarantine compromised
devices identified by IoT Security alerts and later remove them
from quarantine.