Venafi Professional Services has created the following Regular Expression (RegEx) that may be used in Certificate Placement Rules to identify common vendor-issued certificates. These are certificates that often come pre-installed or are generated on common network equipment, printers, etc., that are commonly found on a network during a Network Discovery.
As the picture below depicts, the rule should be set so that the Issuer DN Matches Regex. This expression may be updated occasionally. If you have any improvements or suggestions, please leave a comment.
(?i:o=(?:.*(AirMagnet|American|APC|Aruba|Avaya|Avocent|Mergepoint|Cisco|Citrix|Dell|EMC|EndRun|Foundstone|Hitachi|Hewlett|HP|IBM|Imperva|Infoblox|Isilon|LANDesk|Liquidware|Lexmark|McAfee|MANDIANT|Opsware|Palo|Pivotal|Riverbed|SolarWinds|Sourcefire|Splunk|Datadomain|VMWare)).*)
The following site can be used to test any additions to the above RegEx that you may want to add;
Comments
Just to add some more detail here, this regular expression should be set to match against the "Issuer DN"