Claroty CTD
  • 20 Jan 2025
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Claroty CTD

  • Dark
    Light
  • PDF

Article summary

Claroty CTD discovers assets and monitors communication patterns for Industrial Control System networks.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Vulnerabilities
  • Software
  • SaaS Applications

Parameters

  1. Claroty Domain (required) - The hostname of the Claroty server.

  2. User Name and Password (required) - The credentials for a user account that has the permissions to fetch assets.

  3. Tenant Tag (optional) - Automatically tag with the value specified, all devices discovered by this specific adapter connection.

  4. Verify SSL - Select whether to verify the SSL certificate offered by the value supplied in Claroty Domain. For more details, see SSL Trust & CA Settings.

  5. HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Claroty Domain.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Claroty

Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Exclude IPv6 addresses - Select whether to fetch IPv6 addresses.
    • If enabled, all connections for this adapter will fetch only IPv4 addresses.
    • If disabled, all connections for this adapter will fetch both IPv4 and IPv6 addresses.
  2. Virtual zone exclude list (optional) - Enter a comma-separated list of Claroty virtual zones.
    • If supplied, all connections for this adapter will not fetch devices from virtual zones which are any of the comma-separated list of Claroty virtual zones that have been defined in this field.
    • If not supplied, all connections for this adapter will fetch devices with any Claroty virtual zone.
  3. Do not fetch devices with no IP address - Select whether to fetch devices without an IP address.
  4. Do not fetch devices with no MAC address - Select whether to fetch devices without a MAC address.
    • If enabled, all connections for this adapter will not fetch devices if they do not have a MAC address.
    • If disabled, all connections for this adapter will fetch devices even if they do not have a MAC address.
  5. Fetch only Unicast Devices - Select whether to fetch only unicast devices.
  6. Fetch vulnerabilities - Select this option to fetch vulnerabilities and add them to the matching devices.
  7. Additional insights to fetch - Enter names of insights you want to enrich device data with. The adapter will query these insights and add the relevant fields to the Devices table.
  8. Exclude fetched devices with greater than "x" IP address (optional, default: 0) - Exclude devices that are greater than the specified number of IP addresses. By default, a device is fetched, even if more than 1 IP address exists.
  9. Exclude fetched devices with greater than "x" MAC address (optional, default: 0) - Exclude devices that are greater than the specified number of MAC addresses. By default, a device is fetched, even if more than 1 MAC address exists.
  10. Fetch ghost devices - From the dropdown, select how to fetch ghost devices, either Fetch only ghost devices, Fetch only non-ghost devices or Fetch both.
  11. Fetch installed programs - Select this option to fetch installed programs.
  12. Specific fields (optional) - Enter a list of specific fields to fetch. If the specified fields have values, only those fields will be fetched.



Was this article helpful?

What's Next