Elisity supports simple API connectivity to Medigate as a method to enrich IT, IoT, OT and IoMT device discovery and identity. This enables asset data from Medigate to be imported into IdentityGraph for all assets that appear on your Elisity-secured network. This enhances the precision and effectiveness of asset classification.
Prerequisites
- Admin access to the Medigate online portal for API key generation
- The Medigate on-premise collector should be deployed and operational
Connector Instructions
Step 1. Generate the API token on the Medigate online portal by logging in and navigating to Settings > System Settings > User Management. Select Add User.
Step 2. Create an API user by selecting the API User option, fill out the required fields and select Create User. Our API User needs Read-Only Permissions. Choose Select All in the Site Permissions field.
Step 3. After creating the user, select Generate Token next to the user name where the portal says Pending Token Generation. Copy the API token to your clipboard as we will be using it when creating the connector in Elisity Cloud Control Center.
Step 4. Log into Elisity Cloud Control Center and navigate to settings > Connectors and select + ADD CONNECTOR
Step 5. Select Configure on the Medigate connector tile in the list that pops up on the right side of the screen.
Step 6. Enter the API URL (issued by Medigate), and the API Token generated in a previous step in the appropriate fields and select Review and Submit. All the other fields are optional.
example API URL: https://api.medigate.io/ (please check your Medigate documentation to find the API URL Medigate provides for your country/region.)
Step 7. After the connector has been configured it should show Active on the main connector page in Cloud Control Center.
Step 8. You can also use the Medigate integration to check to make sure the device exists in Medigate's platform before "trusting" it to be classified into the Policy Group. Select Trust Attributes in the criteria dropdown box, and then select Known in Medigate in the items dropdown box.
After successfully configuring the Medigate connector, you should begin to see assets enriched with Data from Medigate in IdentityGraph.
Enriched Data in IdentityGraph
The Identity Graph in Elisity provides detailed insights into the devices connected to your network. The enriched data displayed for each device helps administrators quickly assess and manage the security posture and connectivity of their network assets. Below is an explanation of the key elements shown in the enriched data view for a device:
Types of attributes gleaned from Medigate and example values are below:
-
Device Genre: Indicates the genre or type of device, classified as
IT
. -
Class: The broad category the device falls under, here identified as
Computers
. -
Vendor: The manufacturer or vendor of the device, listed as
VMWare
. -
Type: The specific type of device, which is a
PC
. -
Operating System: The operating system installed on the device, here it's
Windows 10/11/Server 20...
. -
Risk Score: A calculated score indicating the potential risk associated with the device, with
59
being the score shown. -
Risk Score Level: The classification of the risk score, marked as
HIGH
. -
Purdue Level: The Purdue model level assigned to the device, which is
3
. -
Last Update: The last time the data was updated, noted as
08/28/2024, 12:57 AM
. -
Asset ID: A unique identifier for the asset within the system, denoted as
HCUBDOA
. -
Combined OS: Indicates combined or possible operating systems, showing
Windows 10/11/Server 20...
. -
Device Type Family: Classifies the family of the device type, such as
PC
. -
Domain Name: The domain name associated with the device, identified as
VE.ELISITY.COM
. -
Financial Cost: The estimated financial cost range of the device, noted as
$1,000-$10,000
. -
Matched Source: The method used to match the device, here it's
IP + MAC
. -
OS Category: The category of the operating system, such as
Windows
. - OS Version: Details about the operating system version.
-
Site Name: The name of the site where the device is located, listed as
main
.
This is not an exhaustive list - other attributes are available such as SSID List and BSSID List are available and usable as Policy Group Match Criteria.
This enriched data allows administrators to have a comprehensive view of the device's identity, risk, and operational status, enabling more informed decision-making regarding network security and policy management.