Asset Intelligence overview

Asset Intelligence (AI) is an add-on feature which enhances device profiles. This enables administrators to make better informed decisions with regards to the maintenance and security of their operational technology (OT) / Internet of Things (IoT) environments.

Once the Nozomi Networks Operating System (N2OS) recognizes an asset, it is stored in the inventory of the Asset Intelligence (AI) database. The AI feed models expected behavior to enrich this information. This improves:
  • Overall visibility
  • Asset management
  • Security

This strengthens the learned behavior from the baseline independently from the monitored network data.

Enriched asset

An enriched asset is one that has been confirmed against the AI database, matched to a known entity, and all additional database information has been applied to the asset.

Figure 1. Enriched asset

Enriched asset

When an asset is Enriched, all asset information is visible, including the End of sale and Product lifecycle status. With this additional information, more specific vulnerabilities for the individual asset are visible.

For more details, see Enriched asset information.

Not Active

The asset is not confirmed against the database and additional information is not applied.

Figure 2. Not active asset

Not active asset

An asset might be Not Active for several reasons, but typically it is because traffic with the asset's full protocol is not visible to the sensor, which could be the result of sensor placement. For example, if the sensor only sees traffic for the domain name server (DNS) of the asset, it is unable to see enough information to match against the AI database, and the asset is tagged as Not Active.