WootCloud Blog

Device Fingerprinting Needs WootCloud TrueID™

Issues with device fingerprinting technologies

Current device fingerprinting technologies are a combination of active and passive methodologies of looking at network information or the application layer of ethernet traffic. This approach to fingerprinting does not accurately identify devices or their behavior and leads to inadequate and insufficient controls to protect the device and the infrastructure it operates in. 

What We Need 

In today’s environment, we have an explosion in the number & type of electronic devices that are connected via multiple communication protocols like WIFI, Zigbee, Bluetooth, BLE, and cellular networks. Device fingerprinting needs to be done based on the unique characteristics of the device across multiple dimensions, for instance, multiple layers like hardware, software, logical, functional, and operational characteristics. This approach provides the  needed richness of context  in device information which when combined with ML algorithms and rules yields a very rich data set to accurately set controls and policies. 

WootCloud TrueID

WootCloud TrueID goes beyond traditional fingerprinting by analyzing over hundreds of device parameters to generate a unique device identifier and authenticity rating called TrueID which renders 3 types of device fingerprints: 

  1. Device identity 
  2. Device group 
  3. Device operational 

Following the principles of Zero Trust, WootCloud TrueID works on the assumption that all devices trying to gain access to the network are compromised and have their Mac IDs already spoofed. To authenticate such devices,  WootCloud TrueID ML algorithms generate their own set of Mac IDs for every device presenting itself for credentialing and only provide access when there is a true match. TrueID  accurately identifies every  device, groups similar devices  together, and establishes the device group’s normal operation and function. This is a far superior measure and approach to establishing an effective Zero Trust security architecture because TrueID 

  1. Automatically identifies all types of devices in the organization. 
  2. Instantly identifies anomalous behavior in the devices whose fingerprints have been collected.
  3. Generates labels based on all the collected information, intermediate insights and final fingerprints and uses these labels in the micro-segmentation and policy layers.
  4. Offers insights about the risks, threats associated and best practices

Zero Trust is rooted in the principle of “Always verify, never trust” which means verifying a person’s identity first, before giving them access. WootCloud’s TrueID takes it one step further. It involves gathering deep device identity information coupled with behavior profiling data, and uses ML and AI to give you a rich data set to use in device and network micro- segmentation and risk management. 

This way it would allow you to granularly grant access to only the devices you actually want on your network while retaining a strong degree of confidence that you actually know that the end-device is what it says it is. 

Our unique approach using WootCloud TrueID was instrumental in delivering an end to end device security solution at a large data storage company and a cloud computing company too. To learn more please visit www.wootcloud.com or schedule a demo at www.wootcloud.com/demo.

Share this post with your network.

Share on linkedin
LinkedIn
Share on twitter
Twitter
Share on facebook
Facebook
Contributing Author:

Share this post with your network.

Share on linkedin
Share on twitter
Share on facebook

Recent FBI Warnings on Device Security

FBI recommends that you keep your IoT devices on a separate network Is your smart TV spying on you? A new FBI warning says it’s possible Securing the Internet of Things

This website uses cookies to ensure you get the best experience on our website.