Genian Device Platform Intelligence (GDPI)
What is GDPI
BYOD, in which personal devices are used on a business network, and IoT, in which all kinds of IT devices are connected to a network, make today's networks more sophisticated and versatile than before. This puts a heavy burden on administrators responsible for IT security.
IT managers need to protect the network from vulnerable devices by allowing only authorized devices to connect to the network. However, it is not easy to identify and manage the various devices that connect through the many access points in an organization.
Genian NAC 6.0 provides Device Platform Intelligence to make this task easier for administrators.
First, Device Platform Intelligence identifies the manufacturer, product name, and model name of devices connected to the network through various intelligent methods. Through the identified Device Platform, the administrator can look up various information about the device, such as:
Photos of the device
Type of device connection (wired, wireless)
End of Sale (EOS) status of the device
End of Life (EOL) status of the device
Manufacturer
Country of manufacturer
Manufacturer Business Continuity Status
Acquisition of manufacturer
This additional information makes it easier for administrators to manage IT by providing greater visibility into devices on their network.
Device Platform and CVE
Common Vulnerabilities and Exposures (CVE) is a database of vulnerabilities in IT equipment and software provided by MITRE. More than 1,000 new vulnerabilities are released each month. IT managers must identify vulnerabilities associated with the IT devices they manage. Genian NAC 6.0 can identify the IT devices in the network and show their CVEs to make network management easier.
How to Detect Device Platform
Genian NAC 6.0 detects connected device platforms using various information collected by the Network Sensor. When a device connects to the network, packets are sent out and the device responds with one or more protocols. Genian NAC 6.0 uses the following protocols to detect device platform information:
- Active Method:
  - HTTP / HTTPS header and body
  - Web Browser User-Agent
  - TELNET / SSH / SMTP banners
  - Open Port
  - SNMP OID / Description
  - SIP
  - and more
- Passive Method:
  - Web Browser User-Agent (using SPAN port)
  - MAC Address
  - Hostname
  - DHCP Request
  - UPNP
  - HPSLP
  - and more
Genian NAC 6.0 uses our own, highly advanced platform database (GPDB) to detect device platforms. GPDB has various patterns for matching against device information to ensure that platforms are accurately detected. To provide paramount accuracy, the GPDB is updated weekly so that the newest devices on the market can be quickly identified within the network. (Weekly GPDB updates are for the Paid Edition only. The Free Edition's GPDB is updated monthly.)
Node Types
Each Device Platform has a Node Type, such as:
Policy Server
Network Sensor
Virtual Sensor
Agent Sensor
Switch Port
Sensor Alias
Virtual IP
Wireless Sensor
Undefined
PC
Mobile Device
Server
Network Appliance
Wireless Device
Router
Switch
Security Device
Printer
VOIP
Other
You can browse or make policy based on this node type information.
Genian Platform Database (GPDB)
GPDB is a database that stores the device platform detection patterns and device platform information related to GDPI. The GPDB is constantly updated by Genians' device platform engineers. This makes it possible to detect new devices quickly without any additional work.
To check when the GPDB was last updated:
Go to System > Genian Data
See the time shown for Platform Information
See Device Platform Intelligence
You can see additional device platform information through the Device Platform Intelligence page.
To see an individual node's information:
Go to Management > Node in the top panel
Find the desired Node and click its Platform name
Define a Node Platform Manually
Go to Management > Node in the top panel
Select the desired node’s IP Address
Under General tab
For Platform, click Checkbox to Manually define
Manually enter Platform Name
Click Update
Note
In Node View you will now see an Icon next to the name in the Platform column. This Icon indicates that the Platform has been manually defined.
Create a User-defined Node Type
Go to Preferences in the top panel
Go to Properties > Node Type in the left Preferences panel
Click Tasks > Create
Enter a Name and select an Icon (click Add to upload your own icon)
Click Save
Note
A User-defined Node Type must be defined manually and added to the node.
Go to Management > Node in the top panel
Click on desired node IP Address
Under General tab
For Node Type, click Checkbox to Manually define
Select Node Type
Click Update
Report Unknown/Wrong Platform Detection
If for some reason Genian NAC 6.0 cannot detect the Platform of a device, one of the following could be the underlying reason:
Not enough information: A device is not sending packets or is not responding to any request. This is possible if the OS has a Firewall active.
No matching pattern in GPDB: Node information has some evidence of a specific Platform, but the GPDB does not have that matching pattern yet.
If there is no matching pattern in our GPDB, you can send that Node's information to the Genian Cloud using the Report Wrong Platform dialog. Once Genians has received the report, our engineers will investigate the Platform pattern and add it to the GPDB.
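The pattern matching described under How to Detect Device Platform, and the two failure cases listed above, sketched as an added Python example (not Genians' code). The pattern table, weights, threshold, field names and sample nodes are all constructed for illustration and do not reflect actual GPDB content.

```python
import re

# Constructed pattern table for illustration only (not GPDB content):
# (platform, node type, observation field, regex, weight)
PATTERNS = [
    ("Example Laser Printer X1", "Printer", "http_server", r"^ExamplePrint-HTTPD/", 3),
    ("Example Laser Printer X1", "Printer", "snmp_descr", r"ExamplePrint X1", 4),
    ("Example Laser Printer X1", "Printer", "mac", r"^02:00:5e:", 1),
    ("Example IP Phone 200", "VOIP", "sip_user_agent", r"^ExamplePhone 200", 4),
    ("Example IP Phone 200", "VOIP", "dhcp_vendor_class", r"^examplephone", 2),
]
MIN_SCORE = 3  # assumed threshold: a MAC prefix alone never decides a platform

# Constructed observations per node, as a sensor might have collected them.
NODES = {
    "192.0.2.21": {"mac": "02:00:5e:10:20:30", "http_server": "ExamplePrint-HTTPD/2.1",
                   "snmp_descr": "ExamplePrint X1 fw 1.4"},
    "192.0.2.22": {"mac": "02:00:5e:aa:bb:cc"},  # host firewall drops every probe
    "192.0.2.23": {"mac": "02:11:22:33:44:55", "http_server": "AcmeCam/0.9",
                   "hostname": "cam-lobby"},
    "192.0.2.24": {"mac": "02:00:5e:0f:0e:0d", "ssh_banner": "SSH-2.0-dropbear"},
}


def classify(obs):
    """Return (status, platform, node_type) for one node's observations."""
    evidence = {field: value for field, value in obs.items() if value}
    if set(evidence) <= {"mac"}:
        # Nothing beyond the link-layer address: the device stayed silent.
        return ("not_enough_information", None, "Undefined")
    scores = {}
    for platform, node_type, field, regex, weight in PATTERNS:
        value = evidence.get(field)
        if value and re.search(regex, value, re.IGNORECASE):
            scores[(platform, node_type)] = scores.get((platform, node_type), 0) + weight
    if scores:
        (platform, node_type), best = max(scores.items(), key=lambda kv: kv[1])
        if best >= MIN_SCORE:
            return ("detected", platform, node_type)
    # Evidence exists, but no pattern (or only a weak hint) matched it.
    return ("no_matching_pattern", None, "Undefined")


def report_candidates(nodes):
    """IPs whose evidence matched no pattern: the cases worth reporting."""
    return sorted(ip for ip, obs in nodes.items()
                  if classify(obs)[0] == "no_matching_pattern")
```

Only the nodes returned by `report_candidates(NODES)` carry evidence that a new pattern could be built from; a silent node such as 192.0.2.22 has nothing to report until it answers a probe or emits traffic.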
Disable Reporting Unknown Platform
By default, Genian NAC 6.0 sends a Report Wrong Platform for unknown Platform Nodes every day. All sent information is readable from outside of the device. To deactivate sending a Report Wrong Platform to the Genian Cloud, follow these steps:
Go to Preferences in the top panel
Go to General > Node in the left Preferences panel
Under Detection
For Reporting Unknown Platform, select Off
Click Update