New Cloud Control Center updates for 15.8
This release includes various bug fixes, updates to the UI, updates to the API, and several new and improved features detailed below.
IdentityGraph
Nozomi Networks IdentityGraph Connector
Elisity is pleased to announce its new integration with Nozomi Networks, utilizing a secure API connection to enrich device attributes in IdentityGraph. This integration allows verification of device existence in Nozomi's database before policy group assignment in Elisity, enhancing cybersecurity measures. The collaboration enables more precise policy crafting by leveraging enriched data, including details such as device model, serial number, and operating system. For detailed information, please refer to the Connect Nozomi Networks and Nozomi Networks Classification Details articles.
Elisity Open Connector UI
A user interface for Elisity Open Connector is now available in 15.8. To learn more about how to configure Open Connector with this new interface consult the Configure Open Connector article.
Connector Refresh Enhancement
Connector refresh has been moved from the connector tile to the Trust Attributes section of the IdentityGraph page. This allows you to refresh a device on a per connector basis even before the device has had its first enrichment and before the connector tile appears.
Randomized MAC Attribute
Cloud Control Center will now detect and display which devices in IdentityGraph are utilizing a Randomized MAC. This is represented by a "locked eye" icon. To learn more about the Randomized MAC attribute consult the IdentityGraph article.
CrowdStrike Integration Enhancements
The CrowdStrike connector has been enhanced to support user definable query and re-query timers. To learn more about this enhancement consult the Connect CrowdStrike article.
Child Domain Support for Active Directory
With the release of 15.8 comes an updated Active Directory Agent version 3.2.0 that now has support for multiple child domains alongside primary domains for monitoring and event collection.
Policy
Randomized MAC Policy Group Match Criteria
Devices discovered with a randomized MAC are typically personal devices such as tablets or phones with minimal identifying attributes, which are not found in any external system of record. These devices often have unique security and policy requirements, and must be isolated from vulnerable assets in the network. For this reason, Elisity now gives administrators the ability to use "Random MAC" as Policy Group match criteria. To learn more about the Randomized MAC consult the IdentityGraph article.
Elisity Native Match Criteria Enhancement - Subnet
The new feature allows administrators to use subnet as a match criteria to dynamically identify assets within a specific network segment. This can be combined with identity-based match criteria, enabling more granular control over device access and communication within these segments. For example, administrators can match devices with random MAC addresses on a designated guest subnet while maintaining identity-based controls. To learn more about the Subnet match criteria read the IdentityGraph article.
Device Reclassification Alert on Lock/Unlock
If any reclassification into another Policy Group will occur upon unlocking an asset from the current Policy Group, a notification will appear with the reclassification details. Use this information to determine if this is desired and how it will impact the assets policies. To learn more about locking assets read the Policy Groups article.
Analytics
Device ID Filter
You can now filter analytics based on Device ID. A devices ID can be collected from the IdentityGraph page. To learn more about analytics, read the Visibility and Traffic Analytics article.
Top Talker Enhancement
Analytics Traffic Flow view now supports 10/20/30 Top Talkers. To learn more about analytics, read the Visibility and Traffic Analytics article.
General UI
Support for Saving Filters
Filters can now be saved and loaded on several pages within the Cloud Control Center UI, including the Device, Policy Group, and Virtual Edge pages. To learn more, read the Introduction to Elisity Microsegmentation article.
Updated Virtual Edge Deployment Workflow
This release introduces a new UI for deploying Virtual Edges in Cloud Control Center. To learn more, read the onboarding guides here.
NOTE: For the purposes of graceful migration to Virtual Edge 16.0+, only existing customers will have the option to deploy older Virtual Edge versions.
Device ID Display
Device ID is now displayed in the Device Information section of an asset's IdentityGraph page.