The Fingerbank Collector allows network and security vendors to easily integrate advanced device fingerprinting and profiling technologies within their product. Firewalls, access points, WiFi controllers, switches, proxies and other solutions can integrate the Fingerbank Collector in order to accurately identify endpoints on networks. These solutions can then apply network and security policies based on the device type. Moreover, by utilizing the Fingerbank Cloud API's network behaviour patterns, the Fingerbank Collector can also do anomaly detection. With the proliferation of IoT devices, the Fingerbank Collector is essential to increase awareness and security.
DHCP / DNS / HTTP
TCP
RADIUS
ARP
The Fingerbank Collector is a self-contained software solution. It does not have any dependencies and has a very low memory and CPU footprint. It can also run on many architectures (x86, amd64, ARM, MIPS, etc.) and operating systems (Linux, BSD, Windows, Android, Mac OS X, Solaris, etc.). When started, the Fingerbank Collector will capture multiple protocols.
The Fingerbank Collector keeps part of the data it found interesting (like MAC vendor, DHCP v4 fingerprint, TCP fingerprint, DNS OS update lists, etc.) in-memory. Then, the Fingerbank Collector can be queried over HTTP using a RESTful API in order to get endpoint details based on the IP or MAC address.
When doing so, the Collector takes care of talking to Fingerbank Cloud - the public Cloud version hosted by Inverse.
The Fingerbank Collector takes care of all the data discovery and collection process, which is sometimes a tedious job. An other big advantage is that it is always using the latest and greatest data from the Fingerbank Cloud version, which is being improved every single second by thousands of PacketFence deployments worldwide.
The Fingerbank Collector and Fingerbank Cloud are closed-source software. If you are interested in integrating these advanced technologies, please contact Inverse for a license.