An Eidola Diagnostic (an EiDiag™) can be run in any device mode for licensed instances. Running the device in Stand Among means that the infrastructure services are not enabled and that the Eidola device is functioning primarily as a device and system tester.
The use of the Eidola platform and the EiDiag™ tools needs to be closely coordinated with the customer IT department, as these same techniques are used by hackers in an adversarial manner to probe networks for vulnerabilities. It is easy to run Eidola services, generate reports and take follow-on actions. There is a base set of ever-expanding infrastructure and network diagnostics. The following are the base set.
1089, 1090, 1091 NMAP
The Network Mapper (NMAP) diagnostic provides a means of scanning networks and locating the devices on the designated network. There are 3 different default scans available in the NMAP menu. The NMAP diagnostic scans ports and examines a number of different protocols and the related services. These typically include Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and others. The diagnostic is set with default scans but does have the flexibility to take customized (browser, settings file and API) input.
A typical scan yields the following for each device mapped on the network:
- IP address
- Ports
- Services and Status
- MAC address
- Network service vendor[1]
[1] Depending on the device this may also be the product vendor; in other cases it is the vendor of the network interface components.
1203 TLS
The Transport Layer Security (TLS) diagnostic checks whether strong authentication using digital certificates is implemented properly. This is a system fundamental. Vendors and integrators need to connect over secure channels to send security data for access, video, metadata, and other purposes. The need is not simply to use HTTPS and TLS but, very importantly, to do it correctly. This diagnostic looks to see if the TLS cipher suite is properly implemented in line with the current version (1.2)[2]. The information gathered includes:
- Digital Certificate
- Issuer
- Validity
- Subject
- Public Key
- Signature
- TLS Version
- TLS Cipher Analysis
[2] IDmachines has maintained close watch on the evolution of the standards deployed in the Eidola platform for decades and participates globally in the development and maintenance of these standards.
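A sketch of how the gathered fields can be turned into findings, added here as an illustration and not Eidola code. The record layout mirrors what Python's `ssl` module reports (`version()`, `cipher()`, `getpeercert()`); the sample records, the weak-cipher markers and the finding texts are assumptions.

```python
import ssl

MIN_VERSION = "TLSv1.2"  # floor taken from the text above
VERSION_ORDER = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
# Assumed policy: substrings that mark a cipher suite as unacceptable.
WEAK_MARKERS = ("NULL", "EXPORT", "EXP-", "RC4", "3DES", "DES-CBC", "MD5")

# Constructed records; certificate dicts use the getpeercert() layout.
SAMPLE = [
    {"host": "192.0.2.10", "version": "TLSv1.2", "cipher": "ECDHE-RSA-AES128-GCM-SHA256",
     "cert": {"subject": ((("commonName", "reader-01.example"),),),
              "issuer": ((("commonName", "Example Test CA"),),),
              "notBefore": "Jan 15 00:00:00 2024 GMT", "notAfter": "Jan 15 00:00:00 2026 GMT"}},
    {"host": "192.0.2.20", "version": "TLSv1", "cipher": "DES-CBC3-SHA",
     "cert": {"subject": ((("commonName", "panel-02.example"),),),
              "issuer": ((("commonName", "panel-02.example"),),),
              "notBefore": "Jan 15 00:00:00 2015 GMT", "notAfter": "Jan 15 00:00:00 2020 GMT"}},
]

def name_of(rdns, field="commonName"):
    """Pull one attribute out of the nested tuple form used by getpeercert()."""
    return next((v for rdn in rdns for k, v in rdn if k == field), None)

def assess(record, now):
    """Return findings for one endpoint; an empty list means it passes this policy."""
    findings = []
    if VERSION_ORDER.index(record["version"]) < VERSION_ORDER.index(MIN_VERSION):
        findings.append("protocol below " + MIN_VERSION)
    if any(m in record["cipher"].upper() for m in WEAK_MARKERS):
        findings.append("weak cipher " + record["cipher"])
    cert = record["cert"]
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        findings.append("certificate not yet valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        findings.append("certificate expired")
    if cert["issuer"] == cert["subject"]:
        findings.append("self-signed: " + name_of(cert["subject"]))
    return findings

if __name__ == "__main__":
    now = ssl.cert_time_to_seconds("Jun 01 00:00:00 2025 GMT")  # fixed clock for the sample
    for rec in SAMPLE:
        print(rec["host"], assess(rec, now) or "ok")
```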
7101 Infrastructure Health Check
This is a system check that performs a network scan and stores a sample for analysis. It makes it easy for someone with little network experience to gather a sample that can be analyzed prior to the next steps in virtual support of the technician.
7102 Digital I/O Dashboard
This provides a means to test and simulate inputs and outputs. Many physical systems make use of contacts, inputs and outputs. In component and system lifecycle management this tool provides a flexible test harness easily configured to support a wide range of devices.
8100, 8200 OSDP
The Open Supervised Device Protocol (OSDP) toolbox provides a means of testing, configuring and maintaining physical access control readers, physical access control door controllers (panels) and other devices using the protocol. The diagnostic allows the simulation of either a reader or a controller, or can act as a monitoring device to gather information on implementations of the protocol. This diagnostic is also available as a standalone tool (see OSDP EiWrench™).
9901 PKI
The 9901 Public Key Infrastructure (PKI) diagnostic provides a number of PKI test tools including the following:
- Certificate Authority
- Certificate Requests – Public Key Cryptography Standard (PKCS)-10 PEM
- Certificate and Key Bundle – PKCS-12
- Root Certificate
- Certificate Revocation List (CRL)
This diagnostic provides an ability to set up a test Certificate Authority or federation. It can be set up as part of the infrastructure mode to support component and system testing. See also EiPIV™ tools for FIPS-201 and related NIST PIV data model.[3]
[3] Personal Identity Verification
9902 Power Scanner
The 9902 Power Scanner diagnostic works with instrumented (networked) power supplies and is dependent on the vendor's support of the Simple Network Management Protocol (SNMP) and their management information base (MIB). Output is available in SQL database, CSV and JSON formats for further analysis.
IDmachines supports some specific manufacturers' power supplies; contact eidola@idmachines.com for details.
9903 SNMP
The Simple Network Management Protocol (SNMP) diagnostic provides a more detailed set of information for each device. The information obtained is dependent on the manufacturer’s implementation of the protocol, is described in a Management Information Base (MIB), and is a combination of system status and configuration data. Among the information of interest that can be obtained:
- Make
- Model
- Firmware
- Last update
9905 One Button
The One Button diagnostic takes the NMAP, SNMP and TLS diagnostics and runs them together. It takes the output of the NMAP diagnostic as the input for the SNMP and TLS diagnostics. In the process it creates a valuable set of information about the devices on the network that can be used to capture as-built information and system vulnerabilities, and to perform audits of systems for compliance and other enterprise reporting. SQL, JSON, XML and log.txt outputs are recorded. Results can be integrated via an application programming interface (API); for example, ERM integration can associate results of the One Button with a job ticket or project milestone during different phases of the system integration lifecycle.
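The chaining described for the One Button, and the per-device fields listed under NMAP, can be illustrated by parsing Nmap's XML output (`-oX`) into an inventory and deriving the inputs for the TLS and SNMP steps. This is an added example, not Eidola code; the sample scan, the function names and the port-selection rules are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample in Nmap XML form; addresses come from documentation ranges.
SAMPLE_XML = """<nmaprun>
<host><status state="up"/><address addr="192.0.2.10" addrtype="ipv4"/>
<address addr="00:00:5E:00:53:01" addrtype="mac" vendor="ExampleCam"/><ports>
<port protocol="tcp" portid="443"><state state="open"/><service name="https"/></port>
<port protocol="udp" portid="161"><state state="open|filtered"/><service name="snmp"/></port>
<port protocol="tcp" portid="23"><state state="closed"/><service name="telnet"/></port>
</ports></host>
<host><status state="up"/><address addr="192.0.2.20" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="8443"><state state="open"/><service name="http" tunnel="ssl"/></port>
</ports></host>
</nmaprun>"""

def parse_inventory(xml_text):
    """One record per live host: IP, MAC, vendor and a row per scanned port."""
    devices = []
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        dev = {"ip": None, "mac": None, "vendor": None, "ports": []}
        for addr in host.findall("address"):
            if addr.get("addrtype") in ("ipv4", "ipv6"):
                dev["ip"] = addr.get("addr")
            elif addr.get("addrtype") == "mac":  # present only for on-link hosts
                dev["mac"], dev["vendor"] = addr.get("addr"), addr.get("vendor")
        for port in host.iter("port"):
            state, svc = port.find("state"), port.find("service")
            dev["ports"].append({
                "proto": port.get("protocol"), "port": int(port.get("portid")),
                "state": state.get("state") if state is not None else "unknown",
                "service": svc.get("name") if svc is not None else None,
                "tls": svc is not None and svc.get("tunnel") == "ssl"})
        devices.append(dev)
    return devices

def follow_up_targets(devices):
    """Inputs for the TLS and SNMP steps; UDP 'open|filtered' counts as a candidate."""
    tls, snmp = [], []
    for dev in devices:
        for p in (p for p in dev["ports"] if p["state"].startswith("open")):
            if p["proto"] == "tcp" and (p["tls"] or p["service"] == "https"):
                tls.append((dev["ip"], p["port"]))
            if p["proto"] == "udp" and p["service"] == "snmp":
                snmp.append(dev["ip"])
    return {"tls": tls, "snmp": snmp}
```

Keeping the inventory records and the derived target lists together gives the as-built record and the audit input from a single scan file.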