Skip to main content

Local Devices

A Local Device record is an an entity intended to represent one Device on the local network, no matter how many network interfaces the Device has. (Exception: special IP Range devices; see FAQ below)

Devices are created by:

  • Auto-detection: The DrawBridge monitors network traffic to detect local devices based on the IP address, and automatically creates a Local Device record if none exists for that address.
  • A DrawBridge Console user: Click the + located in the upper right corner of the Local Devices list view to to create a new Local Device Record.
  • The DrawBridge Agent: If the DrawBridge agent "calls home" with Device information that does not match an existing record, a new Local Device record will be created (only if the MAC address can be validated; see FAQ below)
  • Active Directory sync: If your DrawBridge is configure to sync with an Active Directory server, Devices listed in the AD server will be automatically created on the DrawBridge.
  • Compass Portal Sync: (Remote Devices Only)

In the Local Device list view, select any local device record by tapping the device name or IP address link shown in the Hostname column to see an individual device record.

Record View

A Local Device record contains the following parameters:

Parameter About
Company the Company associated with the Device; see Accounts: Companies for more information
Auto Hostname the automatically-detected hostname of the device on the network, if available
Platform the operating system of the device, if specified
Type the type of hardware, such as Laptop, Smartphone, Tablet, and so forth
Status this local device record is: Active or Inactive
Source origin of the record information: auto-detected or User Entry
Last Active the timestamp of the last filter traffic recorded for this device
Reportable traffic from this device Is or Is Not included in Activity Reports

Device Record header buttons:

  • Add a new Local Device record with the blue + Create Local Device button
  • Edit this Local Device record with the green pencil Update Local Device button
  • Delete this Local Device record with the red trashcan Delete Local Device button
  • Hamburger menu:
    • Today's Log Lines: a shortcut to the the Reports module with the device pre-selected in data views
    • Add Network Interface**: add an additional network interface to the device
    • Reset DrawBridge Agent: reset the record association with the DrawBridge Agent
    • Record Activity Stream: view the changelog for this Device record
  • Bookmark this page with the ribbon Bookmark button
Informational Tabs

  • Network Interfaces: IP address(es) and Mac address(es) associated with the device.

    Keep in mind that a device can have multiple network interfaces and also multiple IP addresses, so multiple lines may be listed here. For example, a laptop may have a Wi-Fi network interface as well as a wired Ethernet interface. Both interfaces will have unique MAC/hardware addresses, so if you want to apply a filter policy to that particular Device, no matter how it is connected to your network, you’ll need to ensure both interfaces (WiFi and Ethernet) are specified here.

  • Access Policies: a list of Access Policies that are applied to this device. (see Content Filter: Access Policies for further information)

    This list is generated based on the membership of the Device in a particular Device Group, a component of an Access Policy. The exact Access Policy can be visited by clicking the link in the list under the Name column, or, you can view all Access Policies for your company by clicking the Access Policies/Access Policy Dashboard button to the right.

Device Group Membership

A local device is always part of the alldevices Device Group of the associated Company. A local device can be associated with an unlimited number of Device Groups. See the Device Groups page for further information

FAQs

Q: Why aren't Local Devices automatically appearing on my account?

A: Auto-generated Local Device records are only generated for the Main Company. Verify that your account is set as Main if you are not seeing Local Device records auto-populate.

Q: Why doesn't the Local Device record display the MAC address of my device?

A: Bogus/Randomized MAC addresses may be automatically discarded by the console to reduce the amount of auto-generated Local Device records. For more context and a resolution, see the Question "Why are there so many Local Devices listed?".

Q: Why are there so many Local Devices listed? (I only have X number of devices on my network.)

A: Several factors may result in a proliferation of Local Device records:

  • “Network churn”: many new devices joining the network and old ones leaving. The DHCP server will do its job to utilize the limited address space available to it, which may involve assigning a previously-used address to a new device. This may result in the DrawBridge creating additional Local Device records or unexpectedly adding new MAC address associations to an existing IP Address / Hostname record.

    Countermeasure: configure address reservations in your network DHCP server (DrawBridge ClearOS webconfig panel or other network equipment, if applicable) to ensure that a specific MAC address may only ever be assigned a specific IP address.

  • Operating system privacy features: randomized hardware interface addresses (also known as MAC addresses). Most operating systems now have functionality to generate a random hardware address for a particular network to prevent devices from being tracked across public WiFi hotspots. While most Operating Systems will maintain the same randomly-generated MAC address for a particular “remembered” network, if you reset your network settings or Forget the saved network, and re-join, the randomly-generated MAC will have changed. As above, this may result in the DrawBridge creating additional Local Device records or unexpectedly adding new MAC address associations to an existing IP Address / Hostname record.

    Countermeasures: Turn off physcial/MAC address randomization for your DrawBridge-protected network name (for example, for your WiFi network), and then set a DHCP reservation for the actual device hardware MAC address. Turn off hardware address randomization, by operating system:

    • iOS: Settings/WiFi/ information icon/ toggle Private WiFi Address off
    • Android: Settings/WiFi/ gear icon/Advanced/set Privacy to Use Device MAC
    • Windows 10; All Networks: Settings/Network and Internet/WiFi/toggle Use random hardware addresses off
    • Windows 10; Specific Network: Settings/Network and Internet/WiFi/Manage Known Networks/select /Properties/set Use random hardware addresses to off
    • Windows 11: Settings/Network and Internet/WiFi/ gear icon/Advanced/Privacy/set Use device MAC

    Then add an address reservation in your DHCP server, as described above.

    Note: The DrawBridge console does perform a background cleanup of "dead" local device records on a regular basis.

Q: Any type of "agent" software available for Windows computers to positively identify Local Devices on a network?

A: Yes! See the page DrawBridge Agent Reference in this chapter for further information

Q: Can I create an “entity” for an IP address range instead of making a bunch of Local Device records?

A: Yes! Create a new Local Device, and in the Platform field, select Network IP / IP Range, then enter the IP address range. This special “Local Device” can be used in a Device Group just like an ordinary Local Device or Remote Device record.

Back to top