Assets
Assets are distinct devices in the network that cognitix Threat Defender defines by their IP and MAC addresses.
Each asset is identified by its unique ID, a human readable name and a list of MAC addresses and/or IP addresses. In addition, Threat Defender tracks related, passively aggregated values for every MAC address:
assigned user ID
assigned tags
a gateway indicator
creation timestamp
last update timestamp
every IP address seen for this MAC
MAC address vendor
Furthermore, the following Last Seen information is updated every time an asset connects to the network:
timestamp
VLAN tag
IPv4 address
IPv6 address
hostname requested via DHCP
hostname offered via DHCP
bridge name
interface name
user ID
time to live value (based on IPv4 TTL field or IPv6 hop limit field)
Assets can be used in network objects to segment the network. They can also be used in policies and event tracking tables to create policies for individual assets or groups of assets.
Note
Asset tracking requires an active license. The maximum number of tracked assets depends on the selected license.
Additional References:
Threat Defender can track assets automatically, see Asset Setting.
Assets can also be managed manually via the GUI under Inventory > Assets. See Creating a Network Inventory and Inventory.