The ExtraHop system automatically discovers and classifies devices on your network based on the protocol activity or device model and assigns a role to each device, such as a gateway, file server, database, or load balancer. You can change the role assigned to a device at anytime.
- After you change the device role, the device might be removed from or added to dynamic device groups that include a device role as criteria.
- Device role changes are not synchronized across connected ExtraHop systems. For example, if you change a device role on a sensor, the role is not changed from a connected console.
- Log in to the ExtraHop system through https://<extrahop-hostname-or-IP-address>.
- At the top of the page, click Assets.
- Click Devices in the left pane, and then click the Active Devices chart.
Filter the device list to find the device you want and then click the device
The Device Overview page appears, which displays traffic and protocol activity for the selected device.
- Click Edit Properties .
In the Device Role section, click the drop-down list, and
then click one of the following roles:
Role Description Auto Assign the role that the ExtraHop system identified for the device, which appears in parentheses. Attack Simulator Assign to a device that runs breach and attack simulation (BAS) software to simulate attacks in a network. Database Assign to a device that hosts a database instance. DHCP Server Assign to a device whose main function is processing DHCP server activity. DNS Server Assign to a device whose main function is processing DNS server activity. Domain Controller Assign to a device that acts as a domain controller for Kerberos, CIFS, and MSRPC server activity. File Server Assign to a device that responds to read and write requests for files over NFS and CIFS/SMB protocols. Firewall Assign to a device that monitors incoming and outgoing network traffic and blocks traffic according to security rules. Gateway Assign to a device that acts as a router or gateway. IP Camera
Assign to a device that sends image and video data through the network, such as security cameras.
Load Balancer Assign to a device that acts as a reverse proxy for distributing traffic across multiple servers. Medical Device Assign to a device that is specifically designed for healthcare needs and medical environments. Mobile Device Assign to a device that has a mobile operating system installed, such as iOS or Android. NAT Gateway Assign to a device that acts as a Network Address Translation (NAT) gateway. A NAT gateway is typically associated with four or more OS fingerprint families or with four or more hardware or vendor makes and models. After a device is assigned this role, device properties for software, hardware make and model, and authenticated users no longer appear for the device. PC Assign to a device such as a laptop, desktop, Windows VM, or macOS device. Printer Assign to a device that enables users to print text and graphics from other connected devices. VoIP Phone Assign to a device that manages voice over IP (VoIP) phone calls. VPN Gateway Assign to a device that connects two or more VPN devices or networks together to bridge remote connections. Vulnerability Scanner Assign to a device that runs vulnerability scanner programs. Web Proxy Server Assign to a device that processes HTTP requests between a device and another server. Web Server Assign to a device that hosts web resources and responds to HTTP requests. Wi-Fi Access Point Assign to a device that creates a wireless local area network and projects a wireless network signal to a designated area. Other Assign to a device when the device activity does not clearly identify a single role.
- Click Save.