.. _dpi:

Genian Device Platform Intelligence (GDPI)
==========================================

What is GDPI
------------

BYOD, in which personal devices are used on a business network, and IoT, in
which all kinds of IT devices are connected to a network, make today's networks
more sophisticated and versatile than before. This puts a heavy burden on the
administrators responsible for IT security.

IT managers need to protect the network from vulnerable devices by allowing
only authorized devices to connect to the network. However, it is not easy to
identify and manage the various devices that are connected between many access
points in an organization.

Genian ZTNA provides Device Platform Intelligence to make this task easier for
administrators.

First, Device Platform Intelligence identifies the manufacturer, product name,
and model name of devices connected to the network through various intelligent
methods. From the identified Device Platform, the administrator can look up
additional information about the device, such as:

- Photos of the device
- Type of device connection (wired, wireless)
- End of Sale (EOS) status of the device
- End of Life (EOL) status of the device
- Manufacturer
- Country of manufacturer
- Manufacturer Business Continuity Status
- Acquisition of manufacturer

This additional information makes it easier for administrators to manage IT by
providing greater visibility into devices on their network.

Device Platform and CVE
-----------------------

Common Vulnerabilities and Exposures (CVE) is a database of vulnerabilities in
IT equipment and software provided by `MITRE`_. More than 1,000 new
vulnerabilities are released each month. IT managers must identify
vulnerabilities associated with the IT devices they manage. Genian ZTNA can
identify the IT devices in the network and show their CVEs to make network
management easier.

.. _MITRE: https://cve.mitre.org/

How to Detect Device Platform
-----------------------------

Genian ZTNA detects connected device platforms using various information
collected by the **Network Sensor**. When a device connects to the network,
packets are sent out and the device responds with one or more protocols. Genian
ZTNA uses the following protocols to detect device platform information:

Active Method:
   - HTTP / HTTPS header and body
   - Web Browser User-Agent
   - TELNET / SSH / SMTP banners
   - Open Port
   - SNMP OID / Description
   - SIP
   - and more

Passive Method:
   - Web Browser User-Agent (using SPAN port)
   - MAC Address
   - Hostname
   - DHCP Request
   - UPNP
   - HPSLP
   - and more

Genian ZTNA uses our own, highly advanced platform database (GPDB) for
detecting device platforms. GPDB has various patterns for matching against
device information to ensure that platforms are accurately detected. To provide
paramount accuracy, the GPDB is updated weekly so that the newest devices on
the market can be quickly identified within the network. (*Weekly GPDB updates
are for the Paid Edition only. The Free Edition’s GPDB is updated monthly.*)

Node Types
----------

Each Device Platform has a Node Type, such as:

   - Policy Server
   - Network Sensor
   - Virtual Sensor
   - Agent Sensor
   - Switch Port
   - Sensor Alias
   - Virtual IP
   - Wireless Sensor
   - Undefined
   - PC
   - Mobile Device
   - Server
   - Network Appliance
   - Wireless Device
   - Router
   - Switch
   - Security Device
   - Printer
   - VOIP
   - Other

You can browse nodes or create policies based on this node type information.

Genian Platform Database (GPDB)
-------------------------------

GPDB is a database that stores device platform detection patterns and device
platform information related to GDPI. The GPDB is constantly updated by
Genians' device platform engineers. This makes it possible to detect new
devices quickly without any additional work.

To check when the GPDB was last updated:

#. Go to **System > Genian Data**
#. See time of **Platform Information**

See Device Platform Intelligence
--------------------------------

You can see additional device platform information on the `Device Platform
Intelligence`_ page.

.. _Device Platform Intelligence: https://www.genians.com/device-platform-intelligence/

To see an individual node's information:

#. Go to **Management > Node** in the top panel
#. Find the desired **Node** and click its **Platform** name

Define a Node Platform Manually
-------------------------------

#. Go to **Management > Node** in the top panel
#. Select the desired node’s **IP Address**

Under the **General** tab

#. For **Platform**, click **Checkbox** to **Manually define**
#. Manually enter **Platform Name**
#. Click **Update**

.. note:: In Node View you will now see an icon next to the name in the
   Platform column. This icon indicates that the platform has been manually
   defined.

Create a User-defined Node Type
-------------------------------

#. Go to **Preferences** in the top panel
#. Go to **Properties > Node Type** in the left Preferences panel
#. Click **Tasks > Create**
#. Enter a **Name** and select an **Icon** (click **Add** to upload your own
   icon)
#. Click **Save**

.. note:: A User-defined Node Type must be defined manually and added to the node.

#. Go to **Management > Node** in the top panel
#. Click the desired node's **IP Address**

Under the **General** tab

#. For **Node Type**, click **Checkbox** to **Manually define**
#. Select **Node Type**
#. Click **Update**

Report Unknown/Wrong Platform Detection
---------------------------------------

If for some reason Genian ZTNA cannot detect the Platform of a device, one of
the following could be the underlying reason:

   - **Not enough information**: A device is not sending packets or is not
     responding to any request. This is possible if the OS has a firewall
     active.
   - **No matching pattern in GPDB**: Node information has some evidence of a
     specific Platform, but the GPDB does not have that matching pattern yet.

If there is no matching pattern in our GPDB, you can send that Node's
information to the Genian Cloud using the Report Wrong Platform dialog. Once
Genians has received the report, our engineers will investigate the Platform
pattern and add it to the GPDB.
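
The pattern matching described under How to Detect Device Platform, together with the two failure reasons listed above, can be sketched as follows. This is an added example, not Genians' code: the GPDB format is not shown on this page, so the ``Pattern`` fields, the weights, the vendor names and the MAC prefix are all assumptions constructed for illustration.

```python
import re
from typing import NamedTuple

class Pattern(NamedTuple):
    source: str     # evidence field the regex is applied to
    regex: str
    platform: str
    node_type: str  # one of the Node Types listed on this page
    weight: int     # more specific evidence scores higher

# Constructed patterns; vendor names and the MAC prefix are made up.
PATTERNS = [
    Pattern("ssh_banner", r"^SSH-2\.0-OpenSSH_[\d.p]+ Ubuntu", "Ubuntu Linux", "Server", 5),
    Pattern("http_server", r"(?i)^ExamplePrint-HTTP/", "ExampleCorp Printer", "Printer", 8),
    Pattern("snmp_sysdescr", r"(?i)examplecorp laser", "ExampleCorp Printer", "Printer", 9),
    Pattern("mac", r"(?i)^02:00:5e:", "ExampleCorp device", "Other", 1),
]

def detect(evidence):
    """Match collected evidence against PATTERNS; explain any miss."""
    observed = {k: v for k, v in evidence.items() if v}
    scores = {}
    for p in PATTERNS:
        value = observed.get(p.source)
        if value and re.search(p.regex, value):
            key = (p.platform, p.node_type)
            scores[key] = scores.get(key, 0) + p.weight
    if scores:
        (platform, node_type), score = max(scores.items(), key=lambda kv: kv[1])
        return {"platform": platform, "node_type": node_type, "score": score}
    # Only a MAC address (or nothing) was seen: the device stayed silent.
    if not set(observed) - {"mac"}:
        reason = "Not enough information"
    else:
        reason = "No matching pattern"
    return {"platform": None, "node_type": "Undefined", "reason": reason}

# Constructed sample nodes.
NODES = {
    "printer": {"http_server": "ExamplePrint-HTTP/1.2",
                "snmp_sysdescr": "ExampleCorp Laser 4000", "mac": "02:00:5e:10:20:30"},
    "server": {"ssh_banner": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6"},
    "silent": {"mac": "02:aa:bb:00:00:01", "ssh_banner": ""},
    "unknown": {"ssh_banner": "SSH-2.0-dropbear_2022.83", "mac": "02:aa:bb:00:00:02"},
}

if __name__ == "__main__":
    for name, ev in NODES.items():
        print(name, detect(ev))
```

The ``unknown`` node answered with a banner that no pattern covers, which is the case the Report Wrong Platform dialog exists for; the ``silent`` node gave nothing beyond its MAC address to match on.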

Disable Reporting Unknown Platform
----------------------------------

By default, Genian ZTNA sends a Report Wrong Platform for unknown Platform Nodes
every day. All information sent is readable from outside of the device. To
deactivate sending a Report Wrong Platform to the Genian Cloud, follow these
steps:

#. Go to **Preferences** in the top panel
#. Go to **General > Node** in the left Preferences panel

Under **Detection**

#. For **Reporting Unknown Platform**, select **Off**
#. Click **Update**