02-13-2014 08:27 AM
How can I found which CPPM onboarded devices are not being in use for period of time?
We are getting very close to our onboard license limit, but we have way less devices then that. However, I have seen three different ways license usage is being cranked up:
1 - Leavers devices are not removed and use up licenses - my company have quite a high employees turnover and this is difficult to keep track on
2 - Users upgrading their personal devices (phones and tablets) fairly often and when new devices are added old devices are not removed
3 - Every time when devices OS is being upgraded, devices are being onboarded again. Because of that multiple certificates exist for same devices and (I believe) multiple onboard licenses are used.
I need to find the best way to get on top of this.
Is there a "insight" report I can run that tells me which onboarded devices are not being used?
Any other suggestion to help me keep on top of this would be appreciated?
02-13-2014 08:51 AM
On 6.3 there's a Authentication Source option called Time Source that could potentially help you address using it as an authorization source.
I have not played with this yet
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
02-13-2014 09:06 AM
Also, if you're using DHCP relay profiling and/or IF-MAP integration from the controllers, the "Updated At" attribute in the endpoint database could be a valuable tool.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
02-14-2014 01:24 AM
Thanks for your post.
I have seen sme inacuraccy with profiler and I am not sure how much I can trust this data.
It is definitely worth looking at and I will definitely investigate this.
02-14-2014 10:49 PM - edited 02-16-2014 07:50 PM
There is a way to run a report in insight when a device hasn't been seen since a certain time. The issue is that it will list all endpoints not just the Onboarded.
I've asked engineering to see if there is something we can do that I dont know of, or is it in the roadmap.
In my example
1. I set it to search the past 6 months (screen shot 1)
2. Added Line two (screen Shot 2) Endpoint&>>>>updated at>>>>Less than or equals to>>>2014-02-01 00:00:00-00
I went back any endpoint that hasnt been see in the past 1 month.
--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.
--Problem Solved? Click "Accepted Solution" in a post.