Security

Reply
Contributor II

CPPM Endpoint cleanup

In the CPPM  (6.2.5) Cluster-Wide Parameters, there are some settings for endpoint cleanup.

We have:

-Maximum inactive time for an endpoint
set to 30 days

-Known endpoints cleanup interval
set to default -- 0

-Unknown endpoints cleanup interval
set to -- 7 days

-Profiled Unknown endpoints cleanup interval
set to -- 7 days

I wanted to make sure I understand these settings.  Do the combination of these settings result in:

 

"Unknown" and "Profiled Unknown" endpoints inactive/unused for more than 30 days will be checked and cleaned up every 7 days.

 

"Known" endpoints inactive/unused for more than 30 days won't be cleaned up (every 0 days).

 

Thanks,

Bryan

 

Re: CPPM Endpoint cleanup

In the endpoint database, there is a known/unknown column.  Your assumptions are correct.  The cleanup interval is how often the database is purged of stale entries.  A value of 0 is that it will never be removed.

Seth R. Fiermonti
Consulting Systems Engineer - ACCX, ACDX, ACMX
Email: seth@hpe.com
-----
If you found my post helpful, please give kudos
Occasional Contributor II

Re: CPPM Endpoint cleanup

Hi Seth,

So would that mean that the (40days inactive) setup below wouldnt work as the known and unknown cleanup interval is 0?

Maximum inactive time for an endpointdays
40
Cleanup interval for Session log details in the databasedays
7
Cleanup interval for information stored on the diskdays
7
Known endpoints cleanup intervaldays
0
Unknown endpoints cleanup intervaldays
0
Expired guest accounts cleanup intervaldays
365
Profiled Unknown endpoints cleanup intervaldays
0
Static IP endpoints cleanup option 
FALSE
Old Audit Records cleanup intervaldays
7
Profiled Known endpoints cleanup option 
FALSE
Contributor II

Re: CPPM Endpoint cleanup

Which attribute is used in the "Maximum inactive time for an endpoint " could be last authentication time? , I'm asking this because  I'm testing a post authentication profile to add an attribute that updates the last authentication time in the endpoint repositiory , for example leave the Cleanup interval to 90 days but if an endpoint connects  at day 89 extend the time  for 90 more days in order to maintain the endpoint in the database. Thanks in advanced.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: