Genian Device Platform Intelligence (GDPI)

What is GDPI?

Today's work environment, with BYOD (Bring Your Own Device) and IoT (Internet of Things) where all IT equipment is connected to the network, makes the network more complex and exposed to various threats than ever before.

IT administrators must protect the network from various threats by ensuring that only authenticated devices can connect to the network. However, identifying and managing diverse equipment connected to multiple access points within an organization is not easy.

Genian NAC provides Device Platform Intelligence to help administrators manage equipment more easily.

First, Device Platform Intelligence identifies the manufacturer, product name, and model name of equipment connected to the network through various intelligent methods. Through the identified device platform, administrators can inquire about various information held by the device:

Device Photo
Device Connection Type (Wired, Wireless)
Device EoL (End of Life) Status
Device EoS (End of Sale) Status
Manufacturer
Country of Manufacture
Manufacturer Business Continuity Status
Manufacturer Qualification

This additional information enhances administrators' visibility into devices on the network, making IT management easier.

Device Platform and CVE

Common Vulnerabilities and Exposures (CVE) is a database of vulnerabilities in IT equipment and software provided by MITRE. Over 1,000 new vulnerabilities are published each month, and IT administrators must identify vulnerabilities related to the IT equipment they manage. Genian NAC identifies IT devices on the network and displays CVEs, making network management easier.

How to Find Device Platform

Genian NAC detects connected device platforms by utilizing various information collected by the Network Sensor. When a device connects to the network, it sends and receives packets with the sensor, and the sensor can obtain information about the protocols the device is servicing. Genian NAC detects device platform information using the following protocols:

Active Methods

HTTP / HTTPS Headers and Body
Web Browser User Agent
TELNET / SSH / SMTP Banners
Open Ports (Managing Port Scan List)
SNMP OID / Description
SIP
and more

Passive Methods

Web Browser User Agent (using SPAN Port)
MAC Address
Hostname
DHCP Request
UPNP
HPSLP
and more

Genian NAC uses its own Platform Database (GPDB) to detect device platforms. GPDB ensures that platforms are accurately detected through various patterns matching device information. To provide the highest accuracy, GPDB is updated weekly, allowing for quick identification of the latest devices released in the market within the network. (GPDB for Professional / Enterprise editions is updated weekly, and GPDB for Basic edition is updated monthly.) Compare Editions

Node Type

Each device platform has the following node types:

Policy Server

Network Sensor

Virtual Sensor

Switch Port

Secondary Network Sensor

Virtual IP

Wireless Sensor

Undefined

PC

Mobile Device

Server

Network Device

Wireless Device

Router

Switch

Security Device

Printer

IP Phone

Other

You can browse or create policies based on this node type information.

Genian Platform Database (GPDB)

GPDB is a database that stores device platform detection patterns and device platform information related to GDPI. GPDB is continuously updated by Genians' device platform engineers. Therefore, new devices can be quickly detected without additional work.

To check the time of the last updated GPDB,

Go to System > Update Management > Operational Information Data.

Device Platform Intelligence

You can view additional device platform information through the Device Platform Intelligence page.

To view individual node information,

Go to Management > Node in the top panel.
Find and click the Platform of the desired Node.

Manually Defining Node Platform

Go to Management > Node in the top panel.
Select the IP Address of the desired node.
In the Platform Status tab, click the Specify checkbox in the Platform input to manually enter.
Click the Update button.

Note

An icon will be displayed next to the platform name in the node view. This icon indicates that it has been manually defined.

Creating Custom Node Type

Go to Preferences in the top panel.
In the left Preferences panel, go to Attribute Management > Node Type Management.
Click Select Tasks > Create.
Enter the node type name and select an icon (if you have a custom icon, click the Add button to upload the icon image file).
Click Create.

Note

Custom node types must be manually defined and added to nodes.

Go to Management > Node in the top panel.
Click the IP Address of the desired node.

Below, General tab

For Node Type, click Specify to manually define the node type.
Select the Node Type.
Click Update.

Reporting Unknown / Incorrect Platform Detections

If for some reason Genian NAC cannot detect a device's platform, one of the following may be the cause:

Lack of Information : The device is not sending packets or responding to requests. The OS firewall may be enabled.

No Matching Pattern in GPDB : The node information contains evidence of a specific platform, but GPDB does not yet have a matching pattern.

If there is no matching pattern in GPDB, you can use the incorrect platform report dialog to send that node information to the Genian Cloud. When Genians receives the report, a platform engineer will investigate the pattern and update GPDB.

Disabling Unknown Platform Reporting

By default, Genian NAC sends incorrect platform reports for unknown platform nodes daily. All transmitted information can be read externally from the appliance. To disable sending incorrect platform reports to Genian Cloud, follow these steps:

Go to Preferences in the top panel.
Go to Preferences > Node Management.
Set the Node Information Search > Undetected Platform Reporting option to OFF.
Click the Update button.