Advanced Device-ID
enhances the existing
Device-ID by enabling more
granular and precise device grouping capabilities for policy recommendations. With
Advanced Device-ID, you can create complex
Device-ID objects by
defining matching criteria using multiple asset categories and attributes. The
matching criteria allow for matching specific asset types, operating systems, and
device categories, or even exclude certain devices, based on risk and various other
factors.
Using Advanced Device-ID, you can create more targeted security policy rules,
improving your network's overall security posture. For example, you can define
policy rules for all IoT assets and exclude a few predefined ones, or create rules
for assets without an Device Security verdict. The feature also supports grouping
multiple Device-ID objects together for use in security policy rules,
helping to streamline policy management.
In healthcare, manufacturing, and industries with diverse asset ecosystems,
Advanced Device-ID provides more precise control over asset access and security
policy applications, helping you meet compliance requirements and reduce security
risks. With a more nuanced approach to how security policy rules apply to a variety
of assets, Advanced Device-ID enables you to better protect your network while
maintaining operational efficiency.
Advanced Device-ID introduces three operational modes: legacy, hybrid, and
advanced. These modes allow you to transition from the existing Device-ID
implementation to the new advanced functionality. In hybrid mode, you can use both
legacy and advanced Device-ID objects, providing backwards compatibility
and ensuring your security policy rules remain active, while allowing you to explore
the new capabilities. The advanced mode offers the full power of the new feature,
with improved asset targeting features using asset attributes learned from
Device Security.