Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

How can I find which CPPM onboarded devices are not in use for a period of time?

  • 1.  How can I find which CPPM onboarded devices are not in use for a period of time?

    Posted Feb 13, 2014 11:28 AM

    How can I find which CPPM onboarded devices are not in use for a period of time?

    We are getting very close to our onboard license limit, but we have way fewer devices than that. However, I have seen three different ways license usage is being cranked up:

    1 - Leavers' devices are not removed and use up licenses - my company has quite a high employee turnover and this is difficult to keep track of

    2 - Users upgrade their personal devices (phones and tablets) fairly often, and when new devices are added, old devices are not removed

    3 - Every time a device's OS is upgraded, the device is onboarded again. Because of that, multiple certificates exist for the same device and (I believe) multiple onboard licenses are used.

    I need to find the best way to get on top of this.

    Is there an "Insight" report I can run that tells me which onboarded devices are not being used?

    Any other suggestions to help me keep on top of this would be appreciated.


    Thanks,

    Sasa



  • 2.  RE: How can I find which CPPM onboarded devices are not in use for a period of time?

    Posted Feb 13, 2014 11:52 AM


    On 6.3 there's an Authentication Source option called Time Source that could potentially help you address this, using it as an authorization source.

    I have not played with this yet.


    2014-02-13 11_49_32-ClearPass Policy Manager - Aruba Networks.png



  • 3.  RE: How can I find which CPPM onboarded devices are not in use for a period of time?

    EMPLOYEE
    Posted Feb 13, 2014 12:07 PM

    Also, if you're using DHCP relay profiling and/or IF-MAP integration from the controllers, the "Updated At" attribute in the endpoint database could be a valuable tool.

     

    updated-at.PNG



  • 4.  RE: How can I find which CPPM onboarded devices are not in use for a period of time?

    Posted Feb 14, 2014 04:24 AM

    Hi Tim,

     

    Thanks for your post.

    I have seen some inaccuracy with profiler and I am not sure how much I can trust this data.

    It is definitely worth looking at and I will definitely investigate this.

     

     

    Cheers,

    Sasa 



  • 5.  RE: How can I find which CPPM onboarded devices are not in use for a period of time?

    EMPLOYEE
    Posted Feb 15, 2014 01:50 AM

    There is a way to run a report in Insight for when a device hasn't been seen since a certain time. The issue is that it will list all endpoints, not just the Onboarded.

    I've asked engineering to see if there is something we can do that I don't know of, or if it is on the roadmap.

    In my example:

    1. I set it to search the past 6 months (screenshot 1)
    2. Added line two (screenshot 2): Endpoint >>>> Updated At >>>> Less than or equals to >>>> 2014-02-01 00:00:00-00

    I went back any endpoint that hasn't been seen in the past 1 month.


    screenshot_02 Feb. 15 00.30.gif

    screenshot_03 Feb. 15 00.30.gif

     

    screenshot_04 Feb. 15 00.30.gif

     

    screenshot_01 Feb. 15 00.23.gif
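
Because the Insight report described in post 5 lists every endpoint rather than only onboarded ones, one way to narrow it is to cross-reference an export of that report with an export of the Onboard device list offline. The Python script below is an added example, not part of any post in this thread and not HPE Aruba code; the CSV layouts, the column names (`mac`, `updated_at`, `username`, `cert_serial`) and all sample rows are constructed assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed sample exports; column names are assumptions, not ClearPass's own.
ENDPOINTS_CSV = """mac,updated_at
AA-BB-CC-00-00-01,2014-01-10 08:15:00-00
aabbcc000002,2014-02-12 17:40:00-00
aa:bb:cc:00:00:03,2013-11-30 09:00:00-00
aa:bb:cc:00:00:04,2013-12-01 10:00:00-00
"""
ONBOARD_CSV = """mac,username,cert_serial
aa:bb:cc:00:00:01,jdoe,1001
aa:bb:cc:00:00:01,jdoe,1007
AA:BB:CC:00:00:02,asmith,1002
aabb.cc00.0003,leaver1,1003
"""

def norm_mac(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def parse_ts(text):
    """Parse 'YYYY-MM-DD HH:MM:SS-00'; the trailing offset is dropped (UTC assumed)."""
    return datetime.strptime(text.strip()[:19], "%Y-%m-%d %H:%M:%S")

def stale_onboarded(endpoints_csv, onboard_csv, cutoff):
    """Return {mac: (username, last_seen, [cert serials])} for onboarded
    devices whose endpoint record was last updated at or before cutoff."""
    last_seen = {norm_mac(r["mac"]): parse_ts(r["updated_at"])
                 for r in csv.DictReader(io.StringIO(endpoints_csv))}
    certs, owner = defaultdict(list), {}
    for r in csv.DictReader(io.StringIO(onboard_csv)):
        mac = norm_mac(r["mac"])
        certs[mac].append(r["cert_serial"])  # >1 serial = device onboarded again
        owner[mac] = r["username"]
    return {mac: (owner[mac], last_seen[mac], certs[mac])
            for mac in certs
            if mac in last_seen and last_seen[mac] <= cutoff}

if __name__ == "__main__":
    cutoff = parse_ts("2014-02-01 00:00:00-00")
    hits = stale_onboarded(ENDPOINTS_CSV, ONBOARD_CSV, cutoff)
    for mac, (user, seen, serials) in sorted(hits.items()):
        print(mac, user, seen.isoformat(), "certs:", ",".join(serials))
```

Onboarded devices with no endpoint record at all are not reported by this script, and a device that shows more than one certificate serial matches the repeated-onboarding case raised in post 1.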

     

     



  • 6.  RE: How can I find which CPPM onboarded devices are not in use for a period of time?

    Posted Feb 14, 2014 04:22 AM

    Hi Victor,

     

    Thanks for your post. Unfortunately we are not at 6.3 yet.

     

    Cheers,

    Sasa