Portnox - Enrich Asset Data
- 16 Mar 2023
- 2 Minutes to read
-
Print
-
DarkLight
-
PDF
Portnox - Enrich Asset Data
- Updated on 16 Mar 2023
- 2 Minutes to read
-
Print
-
DarkLight
-
PDF
Portnox - Enrich Asset Data enriches each of the devices that are the result of the query run (based on MAC address) with additional data from Portnox, such as:
- Access point IP address - If a wireless device is connected to a wireless access point.
- Failed Portnox compliances rules - If the device failed the Portnox authentication process.
- Last seen - the date and time of the last Portnox probe/trap/ping for this device.
- Status - The device status. The possible values are:
- Rogue – Device failed to be authenticated by Portnox.
- UnderAuthentication – Device currently undergoing Portnox authentication.
- Authenticated – Device successfully passed authentication.
- NonComplied – One or more compliance rules were not satisfied.
- List of users logged in to this device.
- IP address, MAC address and MAC vendor.
- Operating system.
- SSID - For a wireless device connected to a wireless access point, this field is the name of the SSID assigned to the device by the wireless controller.
- Switch IP address, moduel and port - For wired devices.
- Virtual host and switch - For virtual machines.
See Creating Enforcement Sets to learn more about adding Enforcement Actions to Enforcement Sets.
General Settings
- Enforcement Set name (required) - The name of the Enforcement Set. A default value is added by Axonious. You can change the name according to your needs.
- Add description (optional) - Click to add a description of the Enforcement Set. It is recommended to describe what the Enforcement Set does.
- Run action on assets matching following query (required) - Select an asset category and a query. The Enforcement Action will be run on the assets that match the query parameters.
- A query only returns results for the asset type it was created for.
- Not all asset categories are supported for all Enforcement Actions.
- See Actions supported for Activity Logs and Adapter Fetch History Modules
- Action name - The name of the Main action. A default value is added by Axonious. You can change the name according to your needs.
- Configure Action Conditions - Toggle on to enter a condition statement. See Configuring Enforcement Action Conditions to learn more about condition statement syntax.
To configure this action, do as follows:
- Define a unique action name.
- Specify the Portnox domain, user name and password.
NOTE
The user must be a member of the ARMRead user groups.
- Choose whether to verify the SSL certificate of the server.
- Connect the adapter to a proxy instead of directly connecting it to the domain.
- If you are using multi-nodes, choose the Axonius node to use to interact with the domain when executing the enforcement action.
- Save the action.
For more details about other Enforcement Actions available, see Action Library.