This article summarizes which device attributes can be enriched from our connector with Asimily, and the benefits of using that enriched data in policy.
Our integration with Asimily is intended to allow customers to use the most accurate device classifications in policy decisions. Asimily collects and analyzes device traffic in order to identify device details and attributes over time. Elisity leverages our own rapid device discovery mechanisms along with the Asimily's analysis so that our customer’s devices get the most appropriate policies applied in a timely manner.
When a new device is discovered by any of Elisity's methods, Cloud Control Center queries Asimily using the following parameters until a match is found:
1. IP + MAC Address
2. MAC Address
Engage Elisity support to modify the behavior of the above query order.
A new query is made every 24 hours to check for updated device attributes but can be refreshed on demand by clicking the refresh button next to the IdentityGraph tile for Asimily. Any devices learned by Elisity prior to the Connector being configured will be automatically scheduled for enrichment during the next 24 hour cycle and based on their attachment timestamp.
Core Effective Attributes
Asimily maps the following attributes to Elisity Core Effective Attributes. When Asimily is the highest-priority connector, these values populate the device's core identity in IdentityGraph:
| Asimily Attribute | Elisity Core Effective Attribut | Example Value |
|---|---|---|
| Hostname | Hostname | RADIOLOGY |
| Device Model | Model | 990001ESP |
| Device Type | Type | X-Ray |
| Device Families | Class | Medical Devices |
| Manufacturer | Vendor | GE Healthcare |
| OS | Operating System | ThreadX |
Enrichment Attributes
The following table describes the attributes that Asimily provides to IdentityGraph for each discovered device:
| Attribute | Description | Example Value |
|---|---|---|
| Device ID | The unique device identifier in the Asimily platform | 1151381 |
| Risk Score | A numeric risk assessment score assigned by Asimily based on known vulnerabilities, configuration, and network exposure | 4 |
| Department | The hospital department, clinical area, or organizational unit where the device is deployed | P/T VERMILION |
| Facility | The facility or site name associated with the device in Asimily | Asimily Demo |
| Location | The physical location of the device | Victoria |
| Serial Number | The serial number of the device as reported by Asimily | E2-3942 |
| Firmware Version | The software or firmware version running on the device | 7.0.59_PN883783-01 |
| Stores ePHI | Indicates whether the device stores electronic Protected Health Information | true |
| Transmits ePHI | Indicates whether the device transmits electronic Protected Health Information | true |
| Device Tag | Tags applied to the device in Asimily (supports multiple values) | critical-care |
| Managed By | The management entity or team responsible for the device | Biomed |
| Anomaly Present | Indicates whether Asimily has detected anomalous behavior from the device | true |
| High Risk Vulnerabilities Present | Indicates whether the device has known high-risk vulnerabilities | true |
| FDA Recall Present | Indicates whether the device is subject to an active FDA recall | false |
| Purdue Level | The Purdue Reference Model level assigned to the device (relevant for OT/ICS environments) | 1 |
The specific attributes available depend on the data Asimily collects for each device. Not all attributes are populated for every device.
Next Steps
- Configure Dynamic Policy Groups using Asimily attributes to automate medical device segmentation. See Policy Groups.
- Adjust the enrichment priority order to define how Asimily attributes interact with other connectors. See IdentityGraph.