Skip to main content

Integrations

About the Illumio and Claroty Integration

The Illumio and Claroty integration allows you to view traffic from OT devices, between OT devices, and between OT and IT devices. You can drill down on these flows to view details and use the information to enforce policies.

Watch the video:

Before You Onboard the Illumio and Claroty Integration

Important

To be able to view traffic for Claroty devices, you must set up Flowlink. See Flowlink.

Important

You must generate the API token in Claroty xDome before you onboard the API Connector.

Use one of the following procedures depending whether or not you already have an API User user in xDome:

Generate an API Token from Claroty xDome

Important

Use this procedure if you already have a user in xDome with the API User role.

  1. Log into Claroty xDome and navigate to Home > Settings > Admin Settings.

  2. On the User Management page, select a user with the API User role.

  3. Click the key icon at the end of the row for the API User to generate the API token.

  4. In the Generate API Token modal, select an expiration date for the token from the Token Expiration drop-down list.

    Note

    Claroty recommends that you set tokens to expire after 90 days.

  5. Click Generate.

    Make sure to copy the API token because it only displays once.

  6. Click Finish.

Create a New User and Generate an API Token in Claroty xDome

Important

Use this procedure only if you do not already have a user in xDome with the API User role.

  1. Log into Claroty xDome and navigate to Home > Settings > Admin Settings.

  2. On the User Management page, click + Add User and set the following values in the Create User modal:

    1. Select the API User role.

    2. Click Edit Site Permissions and set the following values in the Add Site Permissions modal:

      1. Select the Group values, select Including future sites and groups, and click Apply.

      2. Select Read-Only User from the Roles drop-down list.

      3. Click Create User.

        The Pending Token Generation badge displays while the token is generating.

  3. After you create the new user, click the key icon at the end of the row for that user.

  4. In the Generate API Token modal, select an expiration date for the token from the Token Expiration drop-down list.

    Note

    Claroty recommends that you set tokens to expire after 90 days.

  5. Click Generate.

    Make sure to copy the API token because it only displays once.

  6. Click Finish.