Q: Does CPPM allows to configure multiple SNMP Read Only Community Strings for NMAP Manual Subnet Scan?
Use case:
I have a hybrid network with different SNMP string on each vendor devices. Is there a way, i would be able to add multiple SNMP strings in the scan?
A: Clearpass does an NMAP scan for the subnet and does a SNMP query when port 161 is found to be open.
A new feature introduced in 6.5. As per this feature we can add multiple SNMP strings for NMAP scan.
The NMAP manual subnet scan is augmented with an SNMP Query whenever the scan discovers that UDP port 161 is open on an endpoint that results in more attributes being collected. During the NMAP manual subnet scan, the Network Scan probe detects whether SNMP port 161 is open on the device. If the port is open, an SNMP Query is triggered with a default community string (public). If the device supports SNMP and the default Read Only community string is set to public, you can obtain the MAC address of the device from the MIB value “ifPhysAddress”.
Feature allows configuration of multiple SNMP community strings to be used to query static IP devices discovered by the profiler. Configuration screen for this feature is in "Configuration -> Profile Settings -> [SNMP Configuration] section".
