Introduction
Elisity supports API connectivity to Asimily as a method to enrich IoT, IoMT, and OT device discovery and identity. Asimily is a device intelligence platform that specializes in medical device risk assessment, vulnerability management, and asset visibility for healthcare, IoT, and OT environments. This integration enables asset data from Asimily to be imported into IdentityGraph for all devices that appear on your Elisity-secured network.
By integrating Asimily with the Cloud Control Center (CCC), organizations gain unified visibility of medical, IoT, and OT devices alongside IT assets. This enhances the precision of asset classification and enables risk-based microsegmentation policies for clinical devices such as infusion pumps, patient monitors, and imaging systems, as well as IoT devices like IP cameras, building automation controllers, and other connected assets.
The integration consists of the following components:
- Asimily API credential configuration
- Connector setup in CCC
- Automated device enrichment via periodic synchronization
Asimily enrichment data is available as match criteria in Dynamic Policy Groups, enabling automated classification and segmentation of devices based on Asimily attributes such as device type, manufacturer, risk score, clinical department, and ePHI indicators.
Prerequisites
- An active Asimily subscription with API access enabled
- Asimily API credentials (API URL, Username, and Password) generated from the Asimily management console
- Administrator access to the Elisity Cloud Control Center
- Network connectivity from CCC to the Asimily cloud API endpoint
The Asimily API user account must have the user role assigned at minimum for view only access.
For more information see the Asimily documentation at:
https://<Customer>-portal.asimily.com/docs/help/configuration/identity-and-access-management#user-role
Connector Instructions
Step 1. Generate API Credentials in Asimily
Log in to the Asimily management console and create API credentials for the Elisity integration. Record your customer URL, Username, and Password values. These credentials are required during the CCC connector configuration.
Step 2. Add the Asimily Connector in CCC
Navigate to Settings > IdentityGraph > Connectors in the Cloud Control Center. Click + ADD CONNECTOR and click Configure on the Asimily tile from the list of available connectors.
Step 3. Configure the Asimily Connector
Enter the following configuration parameters:
| Parameter | Description |
|---|---|
| Connector Name | A descriptive name for this connector instance (for example, Asimily-Production) |
| API URL | The Asimily API endpoint URL (for example, https://your-org-portal.asimily.com) |
| Username | The Asimily API username created in Step 1 |
| Password | The Asimily API password associated with the username. CCC authenticates to the Asimily API using these credentials over HTTPS. |
Click Save to create the connector. CCC initiates the first synchronization automatically.
Step 4. Configure Advanced Settings (Optional)
Advanced Settings
The Advanced Settings tab exposes connector-level tuning options that control how Cloud Control Center queries the connector, how learned data is retained, and how the connector's data is used by IdentityGraph and Insights.
The following chart provides details about each advanced setting.
| Setting | Description |
|---|---|
| Global Timer | The frequency at which Cloud Control Center queries the connector for updates. From 1 to 168 hours. Default is 24 hours. |
| Initial Delay | The delay in seconds before Cloud Control Center initiates the first query to the connector after initially discovering a new device. Default is 0 seconds. |
| Connector Data Purging | When enabled, Cloud Control Center purges all data learned about a device from this connector if the device is no longer found when querying the connected application. The time period between purge events is configurable from 1 to 90 days. The connector status will change from "Up to Date" to "Stale" if the device is no longer known by the connector but prior to the purge event. |
| Query Exclusion Rules | Limit the scope of Cloud Control Center queries by excluding specific Subnets or Virtual Edge Nodes, and by enabling or disabling the querying of devices with Random MAC addresses. |
| Enrichment Lookback Window | Defines how far back IdentityGraph looks for device activity when determining a device's eligibility for enrichment from this connector. Devices whose last seen timestamp falls within the configured window are eligible for enrichment; devices outside the window are not. Increasing this value may improve enrichment coverage for environments with infrequently connected devices (servers, OT systems, remote assets) but can increase processing load. Available values: 1 hour, 1 day, 3 days (default), 7 days, 30 days, 90 days. |
| Trusted Connector |
Controls whether Insights uses data from this connector when generating recommended Policy Groups. When enabled, device attributes from this connector are eligible to inform Insights' Policy Group recommendations. When disabled, Insights ignores this connector as a source for recommendations. Note: This setting only affects Insights recommendations — it does not change device verification status, trust attributes, or how the connector's data is used elsewhere in the platform. |
Connector Status
The connector status reflects its health and availability based on recent query performance. To ensure accuracy and reduce false positives, the status is determined using a rolling 15-minute evaluation window.
| Status | Description |
|---|---|
| Active | Normal operation with minimal query failures. The connector is communicating successfully with the Asimily API. |
| Degraded | Increased query failures detected, but the connector is still operational. |
| Inactive | The connector is unresponsive due to persistent failures. Check the Asimily API endpoint URL, and credentials. |
To view connector status, navigate to Settings > IdentityGraph > Connectors. The status column displays the current health of each configured connector.
Leveraging Asimily with Elisity
When Elisity discovers a new asset on the network and the Asimily connector is active, Cloud Control Center queries the Asimily platform via API for additional device attributes in order to enrich IdentityGraph. This enriched data is displayed in the IdentityGraph tab of the Device Details page and can be leveraged in Policy Group definition. Select attributes are mapped to Core Effective Attributes in IdentityGraph and can be seen in the Asimily Classification Details article.
If a device discovered by Elisity is also known in Asimily, the Trust Attribute flag for Known in Asimily will be set to Yes. You can then leverage this trust attribute as match criteria in Policy Group definition.
To learn more about how to leverage IdentityGraph Trust Attributes review the Leveraging Trust Attributes for Policy Group Definition article.