Fingerbank
Back

About

What is device fingerprinting?

Device fingerprinting is a technique for identifying a device based on a collection of its unique characteristics and signals. By analyzing attributes of a device's hardware, software, and network behavior, it creates a digital fingerprint that can distinguish one device from another. This supports network security, access control, and device profiling. Common uses include enforcing policy for known devices, detecting unauthorized hardware, and enhancing visibility into connected endpoints.

Fingerbank is a global device fingerprinting intelligence platform that aggregates and analyzes these signals to identify device types, operating systems, and behaviors. It powers Akamai Segmentation and PacketFence, the largest open source network access control system. Fingerbank provides the intelligence layer for organizations to classify devices accurately without requiring software on endpoints.

Types of device fingerprinting

Active fingerprinting

Active fingerprinting engages directly with the device by sending queries or probes and analyzing responses. It can extract detailed information but is more intrusive and detectable. Active fingerprinting is often used when a high level of certainty is needed or when the environment allows for direct interaction with endpoints.

Drawbacks: More intrusive, detectable, can disrupt network traffic

Passive fingerprinting

Fingerbank's Approach

Passive fingerprinting listens to the normal network traffic or application data a device emits and infers identity from those patterns. It is stealthy and does not disrupt or alert the device. Fingerbank primarily leverages passive techniques, which are ideal for environments where scanning is not feasible or where devices cannot run agents.

Benefits: Stealthy, non-disruptive, continuous monitoring, no device interaction required

Injection methods and signals

Web/application level

At this layer, engines analyze HTTP headers and optional client-side attributes. Signals include user-agent strings, language preferences, and other browser-exposed characteristics. When combined, these data points create a unique profile of the device accessing a web application.

Network level (near the egress point)

At the network layer, fingerprinting engines observe traffic patterns and protocol behaviors without requiring client interaction. Common signals include DHCP request options, MAC address prefixes, and TLS handshake attributes. These low-level indicators are valuable for classifying devices as they join a network or pass through a gateway.

Fingerbank integrates both web-level and network-level signals, enabling accurate device classification across diverse environments. By mapping these identifiers to device profiles, it enhances security visibility and policy enforcement at scale.

Data Collection

Fingerbank provides flexible data collection options to meet diverse integration requirements. Solution integrators can choose between collecting their own device signals or leveraging Fingerbank's optimized collection infrastructure.

Custom Signal Collection

Integrators can collect device signals using their existing infrastructure and send them to Fingerbank for analysis. This approach provides maximum flexibility and control over the data collection process while leveraging Fingerbank's intelligence engine.

Fingerbank Collector

For organizations seeking a turnkey solution, Fingerbank Collector provides optimized, high-quality signal collection. This purpose-built collector ensures comprehensive data capture with minimal overhead, delivering consistent results across diverse network environments.

Fingerbank Collector Cloud Architecture
  • Quality Assurance: Optimized signal extraction ensures maximum accuracy
  • Performance: Minimal network overhead and resource consumption
  • Scalability: Handles high-volume environments efficiently
  • Flexibility: Supports both custom and managed collection methods

Why Fingerbank

Fingerbank provides device intelligence optimized for solution integrators across thousands of deployments worldwide. Technology partners integrate Fingerbank to deliver advanced network visibility and control in diverse environments including network access control, IoT and OT visibility, smart Wi-Fi optimization with device-aware QoS, and inventory and compliance auditing.

Fingerbank powers PacketFence, the world's largest open source network access control system, deployed in thousands of organizations across heterogeneous environments. This global deployment provides Fingerbank with unparalleled exposure to diverse device categories, from enterprise IT equipment and consumer electronics to IoT sensors, medical devices, and industrial automation systems. This real-world intelligence enables continuous learning and refinement of device fingerprinting accuracy.

Whether deployed for network-level enforcement, asset discovery, wireless optimization, or compliance auditing, Fingerbank delivers the device intelligence that solution integrators need to build effective network security and management solutions.

  • Optimized for integration into security, network, and IoT platforms
  • Thousands of deployments rely on Fingerbank intelligence to deliver real-world outcomes in network enforcement, asset visibility, and compliance
  • Covers both network-level and web-level device fingerprinting signals for maximum accuracy