Devices with Static IP Addresses
While most network-connected devices receive their IP addresses dynamically through DHCP, it’s common to reserve part of the network address space for use as static IP addresses for devices such as routers, printers, FTP servers, and DHCP servers. Beyond this common practice, there are some industries and facilities that use static IP addresses predominantly; for example, manufacturing, utilities, oil and gas, warehouses, order fulfillment centers, and processing and distribution centers. Because most automation and control applications use the IP address directly in their programs, it’s important that robotic devices and controllers in assembly lines and processing centers have static IP addresses, which is why static addressing is so prevalent in these areas.
IoT Security can be deployed in networks where DHCP dynamically
assigns IP addresses to devices, where network administrators manually
configure devices with static IP addresses, and where there’s a
combination of both. IoT Security uses multiple techniques for detecting
and monitoring network activity and correlating it to individual
devices. By examining the DHCP traffic logs that firewalls provide,
it associates dynamically assigned IP addresses with device MAC
addresses and adds these devices to its inventory. By looking at
ARP logs, IoT Security also learns IP address-to-MAC address mappings
and adds devices with static IP addresses, which might not otherwise
be discovered through DHCP, to its inventory as well. However, by
the very nature of ARP broadcasts, this only works for devices within
the same Layer 2 broadcast domains as the reporting firewalls. For
devices with static IP addresses beyond Layer 2 boundaries, IoT
Security uses machine learning to discover network activity patterns
indicating the likely presence of such devices. You also have the
option of manually providing IoT Security with static IP address assignments
through static IP device and subnet configurations.