Asset Discovery
The Asset Discovery module generates Asset Inventory by passively fingerprinting the OS and other parameters for the assets in OT/IT/IoT networks. This improves threat visibility for the networks and helps with optimizing decoy placement.
The Asset Discovery page displays the following information:
Action |
Click Delete to remove the asset. |
IP Address |
|
The MAC address of the asset. |
|
Vendor |
The vendor identified by the asset MAC address. |
Network |
The network this asset was discovered. |
Hostname |
The hostname of the asset. |
Device OS |
The Device OS of the asset. |
The firmware version of the asset. |
|
The type of the asset. |
To enable Asset Discovery:
- Go to Deception > Asset Discovery.
- Click Asset discovery setting.
- Enable the following the settings:
Passive IT Network Discovery Enable to allow FortiDeceptor to identify common IT devices such as servers, laptops, and routers by sniffing network traffic.
Select all the ports connected to the network for discovery.
Passive ICS Network Discovery Enable to allow FortiDeceptor to identify industrial control devices such as PLC controllers.
Select all the ports connected to the network and ICS protocols for discovery. The available protocols are, MODBUS, DNP3, ENIP, S7comm/S7comm plus, BACNET, Profinet, FINS, ATG, Kamstrup, Moxa, IEC104, FL-net, GE-EGD, GE-SRTP, Triconex and PCOM.
- Click OK.
To delete multiple assets at the same time:
- Select the assets you want to delete.
- In the toolbar, click Delete.
To export the asset details as a CSV file:
In the toolbar, click Export CSV.