Contributor I

Building Management Systems

Hi

 

In a break from AV update issues, I would like to ask a question about building management network devices.

 

I have an issue in that most of our plumbing/electrical equipment does not get detected by ClearPass.

The reason seems to be that they don't have a presented MAC address on the switch. They just sit on the network. (Priva devices mainly)


I expect they would only send out network traffic when they are restarted.

 

Anyone seen this behaviour? Found a solution?

The obvious (insecure) method would be to remove them from ClearPass monitoring, but we are resistant to that.

 

Thanks for any help

MVP

Re: Building Management Systems

Our systems do the same thing (MAC address table wise) and we generally have good luck using nmap to locate them manually.

Have you tried the Discovery options in ClearPass, letting it scan the IP space to see what it can find?

--Matthew

if I've helped, please give kudos
if I've provided a solution, please mark the solution so others can find it
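
The comparison behind the nmap suggestion above, as an added example that is not part of the original posts: it reads nmap XML output (`-oX`) from a scan of the local subnet and lists hosts that answered but whose MAC is missing from the NAC's endpoint list. The sample XML, the endpoint list and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: trimmed XML in the shape nmap writes with -oX for a
# local-subnet host discovery scan (addresses are documentation values).
SAMPLE_NMAP_XML = """<nmaprun>
  <host><status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <address addr="00:00:5E:00:53:0A" addrtype="mac" vendor="ExampleVendor"/>
  </host>
  <host><status state="up"/>
    <address addr="192.0.2.11" addrtype="ipv4"/>
    <address addr="00:00:5E:00:53:0B" addrtype="mac"/>
  </host>
  <host><status state="down"/>
    <address addr="192.0.2.12" addrtype="ipv4"/>
  </host>
</nmaprun>"""

# Constructed sample: MACs exported from the NAC endpoint list, mixed notation.
KNOWN_TO_NAC = ["0000.5e00.530a", "00-00-5E-00-53-FF"]

def norm_mac(mac):
    """Normalise colon, dash or dotted MAC notation to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def scanned_hosts(xml_text):
    """Return {normalised_mac: (ip, vendor)} for hosts nmap reported as up."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addrs = {a.get("addrtype"): a for a in host.findall("address")}
        if "mac" not in addrs:  # routed scan or the scanner itself: no layer-2 address
            continue
        ip = addrs["ipv4"].get("addr") if "ipv4" in addrs else ""
        hosts[norm_mac(addrs["mac"].get("addr"))] = (ip, addrs["mac"].get("vendor", ""))
    return hosts

def missing_from_nac(xml_text, nac_macs):
    """Hosts that answered the scan but are absent from the NAC's endpoint list."""
    known = {norm_mac(m) for m in nac_macs}
    found = scanned_hosts(xml_text)
    return sorted((ip, mac, vendor) for mac, (ip, vendor) in found.items() if mac not in known)

if __name__ == "__main__":
    for ip, mac, vendor in missing_from_nac(SAMPLE_NMAP_XML, KNOWN_TO_NAC):
        print(ip, mac, vendor)
```

nmap only reports a MAC address for hosts on the scanner's own layer-2 segment, so the scan has to run from inside the building management VLAN for this comparison to return anything.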
Contributor I

Re: Building Management Systems

Hello

 

No, we didn't try that, thanks for the ideas.

But we decided that to make it reliable, as we are under pressure to monitor the infrastructure equipment (health and safety), we had to remove the ports from ClearPass.

We assigned a separate VLAN and used more traditional port security to prevent other devices connecting if someone messes with the wiring.

These devices only seem to show their MAC when something attempts to connect to them, which isn't good for MAC auth.

 

thank you!

 

 

Contributor I

Re: Building Management Systems

In the end, the building management systems had to be separated from ClearPass and onto a dedicated section of the switch; didn't see another solution.
