endpoint fingerprinting

Endpoint fingerprinting is a feature of enterprise network access control (NAC) products that enables discovery, classification and monitoring of connected devices, including non-traditional network endpoints such as smartcard readers, HVAC systems, medical equipment and IP-enabled door locks. Such endpoints are sometimes referred to as "dumb devices."

Endpoint fingerprinting is especially useful for controlling access to networked dumb devices. Because dumb devices do not interact with the network in the same way as a computer would, they have typically been difficult to track. Often, an enterprise has no inventory of non-traditional endpoints on the network, let alone a method of controlling access to them. Although the traditional view of network security has been to trust all devices on the network, the fluid nature of network peripheries and increasing mobility mean that approach is no longer tenable.

When networked devices are not monitored, they may enable unauthorized access to the enterprise's network and its resources. According to Usman Sindhu, an analyst at Forrester Research, networked dumb devices present a perfect opportunity for a hacker to perpetrate a man-in-the-middle attack: "If you are able to spoof the IP address of a device, you're essentially getting into the network environment."

Endpoint fingerprinting gathers IP and MAC addresses from endpoint devices and checks them against a list of approved addresses to confirm that each address is authentic and the corresponding device is authorized to access the network. IP and MAC addresses are monitored constantly to decrease the risk of unauthorized access.

Learn More:
Shamus McGillicuddy explains 'Using NAC endpoint fingerprinting to inventory dumb devices.'

View the next item in this Essential Guide: mobile application manager (MAM) or view the full guide: Mobile endpoint security: What enterprise infosec pros must know now

More News and Tutorials

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Research More Tech Terms

  • Search thousands of tech definitions
  • Browse tech definitions
    Browse Alphabetically:

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

Powered by WhatIs.com