Device Identification Overview on Zenconsole
Zenarmor's Device Identification capability autonomously detects and classifies all network-connected devices, presenting a comprehensive summary of their characteristics, including hardware vendor, operating system, name, hostname, IP addresses, and MAC addresses. These devices can subsequently be categorized according to their respective classifications.
It is critical to keep in mind that the Zenarmor device identification feature was initially implemented in version 1.16. While it exhibits impressive proficiency in detecting the majority of devices connected to your network, there may be specific situations in which it detects minor inconsistencies or inaccurate data, requiring manual user intervention to rectify and input. This is due to the fact that an analysis of network traffic lacking comprehensive TLS inspection yields only partial device information.
The good news is that beginning with Zenarmor 1.17, which is slated for release in the first quarter of 2024, a comprehensive TLS inspection will be accessible. This proposed enhancement will have a comprehensive impact on the network inspection capabilities of Zenarmor, extending beyond device identification.
Figure 1. Devices Page on Zenarmor
The Device Identification feature is only available for the Zenarmor Paid Editions. To gain the benefit of the Device Identification feature and for more information, see the plans & pricing.
Benefits of Zenarmor Device Identification
By providing valuable insights into the IT ecosystem, the device identification feature improves network visibility and overall network security.
The primary advantages of utilizing the Zenarmor device identification feature are as follows:
- Ensuring device inventory is current: Zenarmor maintains a current list of all connected devices, eliminating the need for manual tracking and guaranteeing that no devices are overlooked.
- Increased network visibility: Zenarmor furnishes comprehensive data regarding every device linked to the network, a feature that proves valuable to IT teams conducting infrastructure investigations by facilitating the identification of potentially hazardous or "rogue" devices connected to the network.
- Real-time device tracking: Zenarmor performs real-time device tracking by periodically inspecting the network for newly connected devices. Real-time tracking guarantees that IT personnel are consistently informed of the addition of new devices to their network, thereby furnishing an additional robust mechanism for safeguarding the system against malicious or unauthorized devices.
How Zenarmor Device Identification Works
The Device Identification functionality compiles an exhaustive inventory of all devices by employing a variety of techniques, such as IP address monitoring, MAC address identification, and device fingerprinting. The devices are identified and classified by Zenarmor according to the subsequent criteria:
- HTTP protocol
- SSDP protocol
- DHCP protocol
- MAC manufacturer
- MDNS protocol
- SSH version
Users can perform the following operations on Devices:
- Viewing Detected Devices
- Status-Based Device Listing
- Category-Based Device Listing
- Viewing All Devices
- Searching a Device
- Selecting Layout
- Refreshing Device List
- Downloading Devices List
- Reordering Devices List
- Viewing Device Details
- Acknowledging New Devices
- Managing Devices
- Mark as Starred
- Mark as Hidden
- Mark as Trust or Untrust
- Change Name
- Change Category
- Stop Automatic Identification
- Merge with a Parent Device
- Remove a Child Device From a Parent Device
- Delete Device
Here is the hands on video for Zenarmor Device Identification and Access Control: