Connect Claroty xDome

Elisity supports simple API connectivity to Claroty xDome as a method to enrich IT, IoT, IoMT and OT device discovery and identity. This allows data from Claroty to be pulled into IdentityGraph for use as Core Effective Attributes when creating policies, enhancing the precision and accuracy of device classification and Policy Group matching.

 


Prerequisites

  • xDome API User created
  • xDome API User API Token Generated

Steps to Connect Claroty xDome

Step 1. Create an API User in xDome by logging into Claroty xDome and navigating to Settings > Admin Settings > User Management. Select + Add User and create an API User. 

NOTE:

To share the Enforcement Status of an asset known to both Elisity and Claroty, the API User must meet one of the following conditions:

  1. Be assigned to a full Read/Write Role in Claroty.
  2. Be assigned to a custom Role that includes the following permissions:
    • View Custom Attributes
    • Edit Custom Attribute Values
    • Add Custom Attributes

      To create a custom role, please review the Claroty documentation.
      Otherwise a Read-Only User Role in Claroty will suffice for IdentityGraph enrichment only. 

 

 

Step 2. After creating the user, select the Generate Token button to the right of the user name in the list. 

 

 

Step 3. Copy the token to your clipboard as we will be using it later. 

 

 

Step 4. Log into Elisity Cloud Control Center and navigate to Settings > Connectors and select + Add Connector button. 

 

 

Step 5. A list of tiles will slide out from the right side of the screen. Select configure on the Claroty xDome connector. 

 

 

Step 6. Input the API URL and the API Token you generated in a previous step and select Submit.

 

 

Step 7 (optional). Configure advanced settings for the Claroty xDome connector.

The following chart provides details about each advanced setting

Global Timer The frequency at which Cloud Control Center queries xDome for updates. From 1 to 168 hours. Default is 24 hours.
Initial Delay The delay in seconds before Cloud Control Center initiates the first query to xDome after initially discovering a new device. Default is 0 seconds

 

 

If the API URL and API Token were correct, all checks will pass and the connector will be created. 

 

 

After successful configuration, you should begin to see devices enriched by Claroty xDome in Identity Graph.


Sharing Asset Enforcement Status with Claroty xDome

Step 1. Ensure that the "Share Asset Enforcement Status" is selected under the connector configuration.

 

Step 2. Ensure that at least one asset in the Cloud Control Center has an Enforcement Status of "Enforced." For an asset to display "Enforced" status, it must be associated with a Policy Group that belongs to an active policy set containing at least one active policy for that Policy Group. Note that simulated policies do not contribute to the "Enforced" status.


Step 3
. Log into Claroty xDome and navigate to Devices > All Devices.



Step 4
. On the device table select the gear icon.


Step 5
. On the column selection window, choose + Custom Attribute. 


Step 6.
Fill out Attribute Name and Attribute API Name exactly as shown below and select Add.


Step 7.
Select the newly created "Elisity Enforced" attribute in the list and then select Add.


Step 8.
On the device table page, make sure to create a new custom view so that the "Elisity Enforced" column stays persistent. 

 

Creating at Custom Compensating Control with Elisity Enforced Status

NOTE:
Elisity recommends collaborating with your Claroty representative to design a Custom Compensating Control profile that aligns with best practices.


Step 1.
Log into Claroty xDome and navigate to Risk > Risk Configurations.


Step 2. 
Under Device Risk Configurations select the Compensating Controls Subscore option and then select the Custom Controls tab. Select Create New Custom Control.


Step 3.  
In the Create Custom Control window, provide a Control Name and Description then select + Add Value.


Step 4.
Configure a Value Name and Points and then select Select Attribute > All Attributes. 

 

Step 5. In the list of attributes, select Elisity Enforced and then select Apply.


Step 6.
Change the device condition to Elisity Enforced - In - Enforced and select Apply.


Step 7. 
Select the Enable control after applying option and then select Apply.


Step 8.
Save the new Custom Compensating Controls configuration and then select Activate. 

 

Was this article helpful?
0 out of 0 found this helpful