Security

Reply
Regular Contributor I
Posts: 188
Registered: ‎03-22-2013

Anyone using CP for wired NAC and lots of non .1x devices?

Wondering how to best manage the devices we have that dont support .1x and/or arent in AD, our device count runs into 4 figures and may account for around 10% of wired connections, and it just gives me a headache thinking about static hosts lists!

 

Although I would suspect that even dedicated nac soultions would have this issue which would involve device profiling or dealing with hug mac address lists!

Guru Elite
Posts: 8,637
Registered: ‎09-08-2010

Re: Anyone using CP for wired NAC and lots of non .1x devices?

This is exactly the use case for the devices database in guest. Users or IT can register devices.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 4,301
Registered: ‎07-20-2011

Re: Anyone using CP for wired NAC and lots of non .1x devices?

See this how-to:
http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/How-To-Advanced-MACTrac-designs-in-ClearPass-November-MHC/td-p/217291
Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Regular Contributor I
Posts: 188
Registered: ‎03-22-2013

Re: Anyone using CP for wired NAC and lots of non .1x devices?

[ Edited ]

Perhaps I should have made clear that this was for printers, network adapters, IP phones, and many other devices that basically isnt a pc or laptop.

 

Thanks

Guru Elite
Posts: 8,637
Registered: ‎09-08-2010

Re: Anyone using CP for wired NAC and lots of non .1x devices?

Yes, same response. Unless you don't care about identity or ownership of the devices, then you can just use the profile feature. 

Sent from Nine

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
Showing results for 
Search instead for 
Did you mean: