Integrate IoT Security with Aruba ClearPass
Table of Contents
Integrate IoT Security with Aruba ClearPass
Integrate IoT Security through Cortex XSOAR with Aruba
ClearPass.
When integrated with Aruba ClearPass, IoT
Security provides it with accurate IoT device identities and notifies
it whenever a security threat arises and device behavior veers from
what is expected and safe. IoT Security does this by discovering
IoT devices on the network, identifying and profiling them, and
then reporting them through Cortex XSOAR and an on-premises XSOAR
engine to your ClearPass system. IoT Security also checks for security
risks and anomalous behavior, and when it discovers any, it sends
alerts to ClearPass for automated policy enforcement.
IoT
Security populates custom endpoint attributes on your ClearPass
instance with device data. ClearPass then uses this data in NAC
(network access control) policies to segment endpoints into VLANs
for reduced risk exposure. In addition, with just a couple of clicks
from the IoT Security portal, you can manually quarantine compromised
devices identified by IoT Security alerts and later remove them
from quarantine.
Make sure your XSOAR engine can form an HTTPS
connection to your ClearPass instance on TCP port 443.
Integrating with Aruba ClearPass requires either a full-featured Cortex XSOAR server
or the purchase and activation of an IoT Security third-party integration add-on license, which comes with a free cohosted Cortex XSOAR instance. The basic
plan includes a license for three integration add-ons, one of which can be used for
this. The advanced plan includes a license for all supported third-party
integrations.