Knowing what is on your network is fundamental to securing your IT infrastructure. A single compromised device gives adversaries a foothold from which they can move laterally and take what is yours. Unfortunately, there is no common means for IP-enabled devices to identify themselves. Vigilant Lens from DeepSafer not only does it uncover hidden networks in your environment, it also finds and fingerprints every device connected to your network. Our advanced machine learning algorithms, integrated within the Vigilant agent, identify the operating system, type, and role of each device on your network. As a result, security professionals have more up-to-date information on, and better visibility into, what is on their network, so that they become fully equipped to make better risk management decisions. Knowing what devices exist in your network is fundamental to the success of subsequent security action, whether installing an agent on an unmanaged endpoint, isolating an unsupported device from your network, or tracking vulnerabilities. Unfortunately, there exists no common mechanism for network devices to announce or identify themselves. Therefore, any network mapping tool has to be able to identify the operating system, type, and role of each device through a process called fingerprinting. This involves scanning and processing data from the network, to accurately discover all devices and gather as much information as possible about them.
What is Lens
Lens is a network discovery feature that delivers unmatched visibility and precision control without disrupting network operations. Built for seamless integration, it empowers security teams with real-time insights to connected devices and hidden networks to stay ahead of evolving threats. Vigilant Lens turns every protected endpoint into a network of sensors, capable of identifying any IoT and connected device with minimum human intervention. Using AI to monitor and control access to every IoT device, DeepSafer allows machines to solve a problem that has been previously impossible to address at scale. This technology enables complete environment visibility by fingerprinting and profiling devices that it discovers. Vigilant Lens is the industry’s first solution that allows machines to autonomously protect and notify security teams about the presence of hidden networks, rouge devices, and unwanted devices.
Key benefits:
- Automatically generate and maintain live device asset inventory.
- Ensure every device joining your network is protected with a few clicks.
- Fingerprint operating systems and device configurations.
- No additional agents to install.
- No physical network appliance or redirecting traffic.
- No manual traffic capture or upload of logs for processing.
Why Does Enterprise Need This?
The number of devices running on networks is increasing as people bring their personal phones, laptops, and smart devices into the workplace. Additionally, more and more Internet of Things (IoT), Operational Technology (OT), and smart appliances are being added to the network. All these devices are becoming increasingly intelligent and complex. This complexity can lead to bugs, and bugs can lead to vulnerabilities. This means it’s increasingly important for network administrators to have a way of keeping inventory of what’s on their network. Lens generates this inventory automatically and maintains itself over time. Lens also makes it easy to find unmanaged endpoints. You want to make sure every device joining your network is protected, but this can be tricky with an increasing number of devices and limited IT personnel. With Lens, a list of unmanaged endpoints is just a few clicks away.
Lens is uniquely positioned to solve these challenges via a blend of network scanning technologies and AI, MAC addressing, and our AI-driven Vigilant agents. First, Lens transforms Vigilant agents into distributed network sensors, and it is these Sentinels which play an important role in training the fingerprinting model. Lens combines many network scanning techniques with manual rules and MAC address information to deliver superior device fingerprinting, with no additional hardware or software to deploy. This saves customers time, money, and headache.
Therefore, Vigilant Lens scan settings are highly configurable by subnet, so the admin controls what is scanned when and by what method.
Summary
Through better fingerprinting, customers are better able to protect their networks. By more accurately categorizing IoT devices on your network, you more completely understand risk which, in turn, informs better corrective action planning. Identify your agent deployment gaps, quantify your exposure to device-based threats like Ripple20, and prevent vulnerable devices from becoming compromised devices.
Lens helps you to:
- Take immediate actions based on the risk image.
- Isolate devices.
- Set tags on devices to group them.
- Apply device review statuses to mark as Not Trusted, Suspicious or Allowed.
Conclusion
By using DeepSafer agent as the foundation, a modern machine learning model is crafted which dramatically improves networked device fingerprinting. Moreover, such a model continuously improves autonomously as it sees and learns more devices, without the overhead of developing and maintaining rules. In this way, network administrators and security professionals are better equipped to more seamlessly and fully understand and reduce device-based risk, without any additional hardware or network changes.