Record Unique Hardware Identifier for Endpoints
complete
T
Travis Irick
We need to be able to see a truly unique identifier for our endpoints. Hostnames can be changed. Serial numbers, MAC addresses, O.S. license keys can not.
In some cases users or company admins are able to set device hostnames and two devices could easily end up being exactly the same. This will particularly be a problem once support for macOS is added as devices very commonly end up with the same hostname as it is based on the initial user that is configured on the device (e.g. admins-MacBook-Pro).
This obviously leads to potential issues with auditing, verification, and various other aspects of tracking our endpoints.
I know motherboard serial numbers can not be captured, but then perhaps the MAC address can be, or the O.S. product key, or the disk drive serial number. The more (at least 2) actually unique identifiers available for an endpoint the better chance of properly identifying them. As it is with just a hostname, the chance of misidentifying is too high.
This data will be absolutely critical once API is implemented for our software to perform necessary checks and verifications during operations.
Josh Lambert [Product Manager - Huntress]
complete
Hi Everyone! We now support Agent ID (GUID), Mac Address, and Serial Number accessible from both the Agent Details page and /agents API route. Happy endpoint identifying, and thank you for the feedback that helped us get this prioritized.
Josh Lambert [Product Manager - Huntress]
in progress
J
Jim Greco
Josh Lambert [Product Manager - Huntress]:
You may want to generate and assign your own Huntress GUID (Globally Unique Identifier) for each agent at install time for agent Identification rather than MAC address. Huntress could Avoid a lot of pitfalls that using a MAC address could cause by assigning and identifying agents by a Huntresses GUID instead.
For example we have seen several platforms that don't account for multiple MAC addresses belonging to a single host i.e. physical and Wireless NIC on the same PC or multihomed servers. This causes clients to get duplicated in the management console or flap between records depending on which NIC is active on check-in. Also we are seeing more desktop NIC drivers enabling "random hardware address" features that completely randomize the MAC at each reboot to prevent tracking. This makes MAC addresses nearly useless for this type of feature. Also it is not uncommon for virtual guests to change mac addresses when migration, failover and host load balancing orchestrations move guests to different physical hosts.
I know it is not on the roadmap but if Huntress ever plans to build agents for mobile devices in the future; which heavily use "random hardware address"' I think you would be glad that you did not use MAC
addresses from the start, rather than having to refactor all your MAC address dependent Agent identification code at that time.
I still think having MAC addresses recorded would be useful but not as the primary agent identification mechanism
Josh Lambert [Product Manager - Huntress]
Hi Everyone! You'll be pleased to know that an Agent's MAC Addresses will be available in the upcoming Huntress API.
R
Randa Schmidt
100% agreed. One of the primary use cases for us with the new API will be matching Huntress agents with our RMM's agents. If there's only the hostname to go off of it won't be 100% accurate. I notice the OP says the serial number can't be pulled, but I'm not sure why that is. If it's true, at least pulling the MAC addresses would help.