Merge Assets

Required OT Security User Role: Administrator, Supervisor, Site Operator

Devices in your network may appear as two or more separate assets in OT Security due to passive traffic observation, routing configurations, or insufficient asset details information, which prevents the automatic merging of assets internally.

For example, multi-homed devices such as workstations, servers, or controllers typically have multiple IP addresses enabling them to communicate across various networks. Alternatively, consider virtual network interfaces on a Switch, Router, or Firewall. Even though they are virtual extensions of a single physical network device, each of these might register as a distinct asset.

In such cases, you can use the Merge Assets option to merge two assets together and remove duplicates. You can access this option either from the Inventory page or from the single asset details page.

Caution: This action is irreversible.

To merge assets:

  1. In the left navigation menu, go to Inventory > All Assets.

    The All Assets page appears.

  2. In the All Assets table, do one of the following:

    • Select the target asset to merge.

    • Click the asset link to open the asset details page.

    OT Security enables Actions.

  3. Click Actions > Merge with Another.

    The Merge Asset | Select Source Asset panel appears.

  4. Filter or search for the source asset.

  5. Select the source asset to be merged with the target asset.

  6. (Optional) Select the Force merge even if attributes conflict checkbox to bypass conflicts.

  7. Click Merge and Delete.

    OT Security deletes the source asset and merges its attributes and findings to the target asset.

What Happens When You Merge Assets

The asset merging process combines two assets into a single entity while maintaining data integrity across the system.

This operation involves these key stages:

  • Asset Properties Consolidation: When assets are merged, their properties are merged into the destination asset. If both assets have a different value for the same property, the system uses a priority mechanism to decide which value to keep. This process ensures the merged asset retains the most accurate or recent information.

  • Connection Preservation: Network connections previously pointing to either asset now reference the merged asset. This includes:

    • Direct connections to other devices

    • Slot-based connections within backplanes

    • Network interface mappings, including IP and MAC addresses. The system ensures that all historical address information is retained, and duplicate entries are removed.

  • Finding Consolidation: The system consolidates all findings, vulnerabilities, and security events under the new one, thereby preserving its complete security history.

Merge Conflicts and Forced Merge

The following assets cannot be merged:

  • Special assets such as ICP, Sensor, or broadcast assets.

  • Assets from different backplanes (only one of them is allowed to have a backplane).

  • Assets that have different slots (if both assets have slots, it must be the same slot).

  • Assets that have different serial numbers.

Force Merge: Selecting the Force Merge checkbox bypasses the system's checks for backplane, slot, and serial conflicts. While this option does not guarantee a successful merge and the merge engine may still block invalid operations, the system proceeds with the merge before it might be blocked.

How to Rectify an Accidental Merge

If an asset merge was performed in error, or you need to revert both assets to an unmerged state, delete the asset. Deleting it allows the system to rediscover the individual asset as they were before the merge. For information on how to delete a single asset or a group of assets from OT Security, see this knowledge base article.