Appendix I - Integrating IoT Assets using Third-Party Discovery Engines through APIs

Quantum IoT Protect allows external vendors to act as third-party discovery engines by adding their IoT assets to the system through APIs. The supported vendors are:

  • Armis

  • Claroty

  • Cynerio

  • Lansweeper

  • Ordr

  • Phosphorus

  • Saiflow

  • Sapphire

Step 1 - Creating a Profile for Third-Party Discovery Engine in the Quantum IoT Protect Administrator Portal

  1. Log in to Check Point Infinity Portal.

  2. Click the Menu icon in the top left corner.

  3. In the Quantum section, click IoT Protect.

  4. Go to IoT > Profiles.

  5. To create a new profile, click and select IoT Discovery Source Profile.

  6. In the Discovery Source section:

    1. Enter a name for the profile.

    2. From the Discovery source type list, select 3rd party discovery engine.

  7. In the Discovery Source Settings section:

    1. Copy the Integration ID.

    2. From the 3rd party vendor list, select the vendor.

    3. To integrate the vendor with Infinity Portal service, you must generate an API key. To do that, click Generate.

      The system generates a new API key.

      • Client ID - The identifier for the vendor's account and the client service that uses this API key.

      • Secret key - The password to access the Check Point Infinity Portal.

      • Authentication URL - The URL address used to authenticate API requests. In addition, it shows the specific gateway that uses this URL to authenticate the Client ID and Secret key.

        Note - To revoke the generated API key, click Revoke.

    4. Copy and share the Integration ID, Client ID, Secret key and Authentication URL with the vendor.

  8. In the Gateways That Use This Service section, select the gateway where you want to add the assets.

  9. Click Enforce.

Step 2 - Adding Assets from Third-Party Discovery Engines (External Vendors)

Prerequisites

  1. Make sure that the vendor has the following details:

    • Integration ID

    • Client ID

    • Secret key

    • Authentication URL

  2. An API client or API testing tool to run API calls.

  3. API Region URL:

    Region

    URL

    Europe (EU)

    https://cloudinfra-gw.portal.checkpoint.com/app/iotprotect/api/v1/asset-gateway

    United States (US)

    https://cloudinfra-gw-us.portal.checkpoint.com/app/iotprotect/api/v1/asset-gateway

    Australia (AU)

    https://cloudinfra-gw.ap.portal.checkpoint.com/app/iotprotect/api/v1/asset-gateway

For more information, see IoT External Asset API documentation.