Collecting Extended Inventory Data for Endpoints

In addition to the normal software and hardware inventory information for an endpoint, it is better to also collect some other critical information for endpoint analysis and for threat and security breach detection.

Extended Hardware Inventory


 
  Printers

 Collect information about printers connected to the endpoint.

 Information to collect:
 
 1. Printer Name
 2. Driver Name and Version
 3. Whether it is a Local or Network Printer
 


  USB Devices

 Information to collect:
 
 1. Type of USB device, e.g. Mass Storage, USB Hub, smart card reader, etc.
 2. Manufacturer and Vendor ID, e.g. Lenovo, Samsung
 3. Port Number on which the device is connected
 4. Serial Number, e.g. every pen drive has a unique serial number
 5. Device Class (reserved, hub, etc.) and Device Address
 6. USB Version (1.1, 2.0, etc.) and Host Controller (generally 0 except for USB Hub)


  PCI Devices

 Typical PCI cards used in PCs include network cards, sound cards, etc.
 Modems, extra ports such as USB or serial, TV tuner cards and disk controllers
 are also included as PCI devices.

 Information to collect:
 
 1. Name of the PCI (Peripheral Component Interconnect) device
 2. Type - Integrated onboard or Expansion slot

  Modems

 Information to collect:
 
 1. Provider Name, Manufacturer
 2. Type - Internal, External
 3. Port Number, e.g. COM3
 4. Port Speed, e.g. 115200
 5. Port Settings, e.g. 8N1
 6. INF file name

  Monitor

 Information to collect:
 
 1. Name
 2. Type - LCD, CRT
 3. Manufacturer and year manufactured
 4. Screen Resolution
 5. Color Depth (e.g. 32-bit)
 6. Size in Inches
 
  Keyboard

 Information to collect:
 
 1. Type - Standard 101, 102, PS/2, Natural
 2. Number of Function Keys
 3. Manufacturer
 
  Pointing Devices

 Information to collect:
 
 1. Number of buttons (2, 3, with/without scroll)
 2. Model
 3. Manufacturer
