CrowdStrike Classification Details
This article summarizes which device attributes can be enriched from our connector with CrowdStrike, and the benefits of using that enriched data in policy.
Our integration with CrowdStrike is intended to allow customers to use the most accurate device classifications in policy decisions. CrowdStrike, via their endpoint agent, collects and identifies device details and attributes. Elisity leverages our own network based rapid device discovery mechanisms alongside CrowdStrike so that our customer’s devices get the most appropriate policies applied in a timely manner.
When a new device is discovered by any of Elisity's methods, Cloud Control Center queries CrowdStrike using the following parameters until a match is found:
1. DeviceID (MAC Address) first
2. IP Address fallback if MAC Address is not known
A new query is made every 24 hours to check for updated device attributes but can be refreshed on demand by clicking the refresh button next to the IdentityGraph tile for CrowdStrike.