Elisity supports simple API connectivity to Nozomi Networks Vantage as a method to enrich IT, IoT, OT and IoMT device discovery and identity. This enables asset data from Nozomi to be imported into IdentityGraph for all assets that appear on your Elisity-secured network. This enhances the precision and effectiveness of asset classification.
Prerequisites
- Nozomi API URL (Unique to your instance)
-
Nozomi API Key Name
-
Nozomi API Key Token
Steps to Connect Nozomi
Step 1. Generate a Nozomi API key by following the directions below or by reading the Nozomi API Guide
a) Log into the Nozomi Vantage console and navigate your profile settings
b) Select the API keys tab. Give the new key a description and optionally specify allowed IP ranges (such as the CCC IP if you want to lock it down). Lastly, if you have multiple Nozomi Organizations set up, select the Organization. Select Generate.
NOTE:
Only the default Organization will be used. Elisity does not support multi-organization configurations today. This functionality will be introduced in the next release.
c) Copy all of the generated API key details and then select OK.
Step 2. Log into Elisity Cloud Control Center and navigate to Settings > Connectors and select + Add Connector button.
Step 3. A list of tiles will slide out from the right side of the screen. Select configure on the Nozomi Networks connector.
Step 4. Input the API URL (unique to your instance). the API Key Name and the API Key Token you generated in the previous step and select Submit.
Step 5 (optional). Configure advanced settings for the Nozomi connector.
The following chart provides details about each advanced setting
Global Timer | The frequency at which Cloud Control Center queries Nozomi for updates. From 1 to 168 hours. Default is 24 hours. |
Initial Delay | The delay in seconds before Cloud Control Center initiates the first query to Nozomi after initially discovering a new device. Default is 0 seconds |
Step 6. If all of the required connector values are correct, all checks will pass and the connector will be created.
After successfully configuring the Nozomi Networks connector, you should begin to see newly discovered assets enriched with data from Nozomi in IdentityGraph. Any devices learned by Elisity prior to the connector being configured will be automatically scheduled for enrichment during the next 24 hour cycle and based on their attachment timestamp. Alternatively, you can force a refresh by selecting the refresh button next to the Nozomi name under the Trust Attributes section of IdentityGraph.
Leveraging Nozomi with Elisity
When Elisity discovers a new asset on the network and the Nozomi connector is active, Cloud Control Center queries the Nozomi platform via API for additional device attributes in order to enrich IdentityGraph. This enriched data is displayed in the IdentityGraph tab of the device and can be leveraged in Policy Group definition.
If a device discovered by Elisity is also known in Nozomi, the Trust Attribute flag for "Known in Nozomi" will be set to Yes. You can then leverage this trust attribute as match criteria in Policy Group definition.
To learn more about how to leverage IdentityGraph Trust Attributes review the Leveraging Trust Attributes for Policy Group Definition article.